sf-catalog
Pass
Audited by Gen Agent Trust Hub on Jun 29, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect prompt injection surface identified.\n- Ingestion points: The skill instructs the agent to use WebSearch and WebFetch tools to retrieve live documentation in SKILL.md.\n- Boundary markers: The instructions do not include markers or warnings to disregard potential instructions embedded in the external content.\n- Capability inventory: The agent has access to Bash, Write, Edit, Read, Grep, and Glob tools.\n- Sanitization: No sanitization or validation of the fetched documentation is specified.- [SAFE]: No malicious command execution, data exfiltration, or obfuscation patterns were detected. The skill's behavior aligns with its stated purpose of managing Salesforce product data.
Audit Metadata