agentforce-test
Pass
Audited by Gen Agent Trust Hub on Jun 29, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSCREDENTIALS_UNSAFE
Full Analysis
- [PROMPT_INJECTION]: The skill includes instructions and assets containing prompt injection patterns such as 'Ignore your previous instructions' and requests for system prompts. These are explicitly defined as safety probe test cases used to evaluate the robustness of agents during the testing process.
- [COMMAND_EXECUTION]: The skill uses the
sfCLI for starting/stopping preview sessions and running batch tests. It also uses inline Python scripts for JSON processing and stripping control characters from CLI output, which is a common requirement for handling Salesforce CLI responses. - [EXTERNAL_DOWNLOADS]: The skill performs HTTP requests via
curlto interact with Salesforce REST APIs. These operations target well-known Salesforce service domains for action execution and debugging. - [CREDENTIALS_UNSAFE]: The skill retrieves and uses Salesforce access tokens via the official CLI tool. No hardcoded secrets are present, and the skill includes safety warnings regarding the use of production environments and real PII.
- [SAFE]: The skill's operations are transparent and align with its stated purpose as a testing framework. Security-sensitive patterns (like adversarial prompts) are contextually appropriate for a security testing tool.
Audit Metadata