sf-b2c-pwa-kit
Pass
Audited by Gen Agent Trust Hub on Mar 31, 2026
Risk Level: SAFE | EXTERNAL_DOWNLOADS | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill provides high-quality technical documentation and structural guidance for building headless storefronts with Salesforce's PWA Kit framework.
- [EXTERNAL_DOWNLOADS]: The skill fetches documentation and reference materials from official Salesforce developer portals and GitHub repositories. These are well-known, legitimate sources for the intended framework.
- [COMMAND_EXECUTION]: Includes standard framework initialization and deployment commands, such as `npx @salesforce/pwa-kit-create-app` and `npm run push`. These are routine development actions within this ecosystem.
- [PROMPT_INJECTION]: The skill establishes an indirect prompt injection surface by instructing the agent to fetch and follow instructions from external websites and search results.
  - Ingestion points: External content is pulled into the agent's context via the `WebFetch` and `WebSearch` tools, as specified in `SKILL.md`.
  - Boundary markers: The instructions lack explicit delimiters or warnings to distinguish fetched content from internal instructions, or to ignore instructions embedded within the documentation.
  - Capability inventory: The skill allows the use of the `Bash`, `Write`, and `Edit` tools, meaning instructions retrieved from the web could influence file system modifications or command execution.
  - Sanitization: There is no mechanism described to sanitize or validate the content retrieved from external sources before processing.
Audit Metadata