securing-agentforce

Installation
SKILL.md

ADLC Security

OWASP LLM Top 10 security assessment for live Agentforce agents.

Overview

This skill sends adversarial test payloads to a deployed Agentforce agent via sf agent preview and evaluates whether the agent resists attacks across 7 OWASP LLM Top 10 categories:

ID Category Tests Focus
LLM01 Prompt Injection 9 Direct override, encoding, multi-turn, role-play, delimiter, multilingual
LLM02 Sensitive Info Disclosure 10 PII extraction, credentials, cross-tenant, context leakage
LLM05 Improper Output Handling 7 XSS, SQL injection, command injection, SSRF, path traversal
LLM06 Excessive Agency 8 Unauthorized actions, privilege escalation, data exfiltration
LLM07 System Prompt Leakage 10 Direct extraction, role-play bypass, encoding, social engineering
LLM09 Misinformation 7 Hallucination, fabricated citations, knowledge boundary violations
LLM10 Unbounded Consumption 6 Token exhaustion, recursion, context saturation

Total: 57 tests with weighted severity scoring producing an A–F grade.

Installs
68
GitHub Stars
80
First Seen
Jun 4, 2026
securing-agentforce — salesforceairesearch/agentforce-adlc