platform-apex-test-generate

Pass

Audited by Gen Agent Trust Hub on Jun 26, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill implements standard Salesforce Apex testing best practices and patterns, such as centralized TestDataFactory management and mocking interfaces for HTTP callouts and SOSL searches.
  • [COMMAND_EXECUTION]: Uses the official Salesforce CLI command sf apex run test (referenced in SKILL.md, Step 3) to perform test execution and coverage analysis, which is the intended functional purpose of the tool.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes user-provided production classes to generate test files (Ingestion points: SKILL.md, Step 1). It mitigates the risk of malicious instructions in the source code by enforcing rigid code structures and using predefined templates (Boundary markers: assets/test-class-template.cls). The skill's capabilities are limited to generating static Apex files and running specific Salesforce CLI commands (Capability inventory: .cls file creation and sf CLI calls). Sanitization is achieved through strict logical constraints such as Given/When/Then structures.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 26, 2026, 12:50 PM
Security Audit — agent-trust-hub — platform-apex-test-generate