platform-value-set-generate

Pass

Audited by Gen Agent Trust Hub on Jul 3, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands using the sf (Salesforce CLI) tool. Specifically, it provides a template for sf data query to validate standard value sets against the Salesforce Tooling API using user-specified metadata names.
  • [PROMPT_INJECTION]: The skill incorporates user-provided metadata names and picklist values into both shell commands and generated XML files. While it includes specific validation and formatting instructions (such as converting spaces to underscores for developer names), this pattern creates a surface for indirect prompt injection via untrusted user input.
  • Ingestion points: User requests for metadata generation or picklist customization as described in the skill metadata and overview.
  • Boundary markers: None explicitly defined to separate user input from the command or XML context.
  • Capability inventory: Shell command execution via the sf CLI.
  • Sanitization: The skill provides logic for formatting names and validating value counts but does not provide explicit instructions for shell-escaping user input used in CLI commands.
  • [SAFE]: All external URLs point to official Salesforce developer documentation (developer.salesforce.com). The sf CLI tool is a standard industry utility for this vendor's platform and is used here for its intended purpose.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 3, 2026, 01:27 PM