platform-value-set-generate
Pass
Audited by Gen Agent Trust Hub on Jul 3, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands using the
sf(Salesforce CLI) tool. Specifically, it provides a template forsf data queryto validate standard value sets against the Salesforce Tooling API using user-specified metadata names. - [PROMPT_INJECTION]: The skill incorporates user-provided metadata names and picklist values into both shell commands and generated XML files. While it includes specific validation and formatting instructions (such as converting spaces to underscores for developer names), this pattern creates a surface for indirect prompt injection via untrusted user input.
- Ingestion points: User requests for metadata generation or picklist customization as described in the skill metadata and overview.
- Boundary markers: None explicitly defined to separate user input from the command or XML context.
- Capability inventory: Shell command execution via the
sfCLI. - Sanitization: The skill provides logic for formatting names and validating value counts but does not provide explicit instructions for shell-escaping user input used in CLI commands.
- [SAFE]: All external URLs point to official Salesforce developer documentation (developer.salesforce.com). The
sfCLI tool is a standard industry utility for this vendor's platform and is used here for its intended purpose.
Audit Metadata