investigating-agentforce-d360

Pass

Audited by Gen Agent Trust Hub on Jun 19, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the official Salesforce CLI (sf) to retrieve authentication tokens and organization metadata. These commands are executed using safe parameter passing (argument lists) and are standard operations for interacting with the Salesforce ecosystem.
  • [EXTERNAL_DOWNLOADS]: Fetches session audit records from the Salesforce Data Cloud Query REST API. These network operations are directed to the user's specific Salesforce instance and are authenticated using credentials managed by the Salesforce CLI.
  • [PROMPT_INJECTION]: The skill processes and displays conversation transcripts and LLM outputs from audited sessions. While this data ingestion constitutes an indirect prompt injection surface, it is the primary intended purpose of the diagnostic tool. The skill provides clear formatting for these transcripts to facilitate human review.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 19, 2026, 05:14 PM
Security Audit — agent-trust-hub — investigating-agentforce-d360