sf-b2c-sfra

Pass

Audited by Gen Agent Trust Hub on Jun 29, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the agent to fetch the Storefront Reference Architecture (SFRA) source code from the official Salesforce Commerce Cloud GitHub repository for reference. This involves acquiring code from a well-known service provider as part of the intended development workflow.
  • [PROMPT_INJECTION]: The skill retrieves data from external web searches and web fetching, creating a surface for indirect prompt injection where instructions embedded in retrieved documentation could potentially influence agent behavior.
  • Ingestion points: Before Writing Code section uses WebFetch for GitHub content and WebSearch for developer portal documentation.
  • Boundary markers: None specified to isolate or delimit retrieved external content.
  • Capability inventory: The execution environment includes access to Bash, Write, and Edit tools.
  • Sanitization: No specific validation or filtering mechanisms are defined for the fetched external content.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 29, 2026, 02:51 PM
Security Audit — agent-trust-hub — sf-b2c-sfra