sf-performance

Pass

Audited by Gen Agent Trust Hub on Jun 29, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill provides documentation and guidelines for Salesforce performance optimization. No malicious patterns, obfuscation, or unauthorized data access were identified.
  • [EXTERNAL_DOWNLOADS]: The instructions recommend fetching live documentation from well-known technology sites like developer.salesforce.com and web.dev. These references are used for informational purposes only.
  • [DATA_EXFILTRATION]: No patterns of sensitive data access or exfiltration were found. The skill does not reference private configuration files, environment variables, or hardcoded credentials.
  • [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection. 1. Ingestion points: WebSearch and WebFetch tools used for documentation retrieval in SKILL.md. 2. Boundary markers: No delimiters or ignore instructions provided for fetched content. 3. Capability inventory: The skill is allowed to use Bash, Write, and Edit tools. 4. Sanitization: No sanitization logic for external documentation content is defined.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 29, 2026, 02:50 PM
Security Audit — agent-trust-hub — sf-performance