The Agent Skills Directory

[SAFE]: The skill performs legitimate administrative tasks using standard industry tools (sf CLI, jq).
[COMMAND_EXECUTION]: The skill uses sf data query and sf project deploy to manage Salesforce metadata. These operations are restricted to the specified metadata type and are consistent with the skill's stated purpose of managing org preferences.
[DATA_EXFILTRATION]: No evidence of unauthorized data access or transmission to external domains. The skill communicates exclusively with Salesforce via the official CLI.
[INDIRECT_PROMPT_INJECTION]: The skill reads project configuration from sfdx-project.json to determine directory paths. While this is an ingestion of external data, it is a standard practice for Salesforce development tools and is used with a static jq filter, presenting minimal risk.
[CREDENTIALS_UNSAFE]: No hardcoded credentials or unsafe secret handling. The skill correctly identifies that deployment permissions are managed by the Salesforce platform's own access controls.

platform-agentexchange-partner-offers-enable