integration-connectivity-generate
Pass
Audited by Gen Agent Trust Hub on Jun 26, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides templates and scripts for Salesforce integrations, following platform-specific best practices for secure connectivity.
- [COMMAND_EXECUTION]: The helper scripts, such as
configure-named-credential.sh, utilize the Salesforce CLI (sf) to interact with authenticated environments. This includes querying metadata and executing Apex code viasf apex runto store credentials securely in the target org. - [DATA_EXPOSURE]: The skill includes a dedicated validation hook (
validate_integration.py) that performs static analysis on generated Apex code to prevent the accidental inclusion of hardcoded secrets like Bearer tokens or API keys. - [DYNAMIC_EXECUTION]: The automation script
configure-named-credential.shdynamically generates a temporary Apex file to handle the encryption and storage of API keys within Salesforce'sConnectApi. This is a legitimate and recommended practice for avoiding plain-text credential storage.
Audit Metadata