sf-customers
Pass
Audited by Gen Agent Trust Hub on Mar 31, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides documentation and structured instructions for integrating with Salesforce Commerce Cloud. All network operations (WebSearch, WebFetch) are directed toward official documentation for a well-known service (Salesforce), which is considered standard developer workflow. No obfuscation, data exfiltration, or malicious persistence mechanisms were identified.
- [PROMPT_INJECTION]: The skill contains a vulnerability surface for indirect prompt injection due to its reliance on external web content.
- Ingestion points: Untrusted data enters the agent context through search results and external page content via
WebSearchandWebFetchtools (SKILL.md). - Boundary markers: Absent; the instructions do not specify the use of delimiters or 'ignore instructions' wrappers for the fetched content.
- Capability inventory: The skill allows the use of powerful tools including
Bash,Write, andEdit, which could be abused if malicious instructions are ingested (SKILL.md). - Sanitization: Absent; the skill does not define validation or filtering logic for the documentation retrieved from the internet.
Audit Metadata