sf-ai-agentforce

Pass

Audited by Gen Agent Trust Hub on Apr 28, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: A thorough analysis of the skill's instructions, metadata, and documentation revealed no security issues. The skill follows standard best practices for Salesforce development and does not contain malicious code or obfuscated content.
  • [PROMPT_INJECTION]: The instructions are clear and focused on Salesforce development tasks. No attempts to bypass safety filters, extract system prompts, or override agent constraints were found.
  • [DATA_EXFILTRATION]: No access to sensitive system files (e.g., SSH keys, cloud credentials) or data exfiltration patterns to external domains were identified. Network-related operations are limited to official Salesforce CLI commands for org management.
  • [REMOTE_CODE_EXECUTION]: No patterns of downloading or executing unverified remote scripts from untrusted sources were found. The documented CLI lifecycle is standard for the Salesforce ecosystem.
  • [COMMAND_EXECUTION]: The skill includes a platform-specific lifecycle hook in .claude/hooks.yaml that executes a local script (guardrails.py), which is consistent with the security framework of the development environment.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 28, 2026, 07:58 PM