sf-b2c-cartridges
Pass
Audited by Gen Agent Trust Hub on Mar 31, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a development guide for Salesforce Commerce Cloud (SFCC), providing technical documentation and architectural patterns without any malicious intent or risky command execution.
- [CREDENTIALS_UNSAFE]: The skill explicitly advises against hardcoding or committing secrets, recommending the use of Business Manager preferences and service credentials, which aligns with standard security best practices.
- [EXTERNAL_DOWNLOADS]: The skill instructs the agent to fetch documentation from official sources, specifically the Salesforce Commerce Cloud GitHub repository. These references to well-known technology organizations are documented neutrally as standard development resources.
- [DATA_EXFILTRATION]: No patterns for unauthorized data access or external transmission of sensitive information were detected.
- [INDIRECT_PROMPT_INJECTION]: The skill fetches documentation from external sites via WebSearch and WebFetch. Ingestion points: Technical documentation and GitHub repositories (SKILL.md). Boundary markers: Absent. Capability inventory: Bash, Write, and Edit tools. Sanitization: Absent.
Audit Metadata