sf-customers

Pass

Audited by Gen Agent Trust Hub on Mar 31, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill provides documentation and structured instructions for integrating with Salesforce Commerce Cloud. All network operations (WebSearch, WebFetch) are directed toward official documentation for a well-known service (Salesforce), which is considered standard developer workflow. No obfuscation, data exfiltration, or malicious persistence mechanisms were identified.
  • [PROMPT_INJECTION]: The skill contains a vulnerability surface for indirect prompt injection due to its reliance on external web content.
  • Ingestion points: Untrusted data enters the agent context through search results and external page content via WebSearch and WebFetch tools (SKILL.md).
  • Boundary markers: Absent; the instructions do not specify the use of delimiters or 'ignore instructions' wrappers for the fetched content.
  • Capability inventory: The skill allows the use of powerful tools including Bash, Write, and Edit, which could be abused if malicious instructions are ingested (SKILL.md).
  • Sanitization: Absent; the skill does not define validation or filtering logic for the documentation retrieved from the internet.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 31, 2026, 06:10 AM
Security Audit — agent-trust-hub — sf-customers