b2c-bm-users-roles
Pass
Audited by Gen Agent Trust Hub on Jun 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill's primary function is to execute shell commands using the official Salesforce B2C CLI tool to manage users, roles, and permissions on Commerce Cloud instances.
- [EXTERNAL_DOWNLOADS]: The instructions suggest using
npxto run the@salesforce/b2c-clipackage, which involves an external download from the npm registry. This is a standard practice for utilizing the vendor's command-line tooling. - [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it utilizes untrusted data to construct shell commands.
- Ingestion points: User-provided strings (e.g., login emails, role names, search phrases) and content from external JSON files (e.g.,
admin-perms.json). - Boundary markers: No specific delimiters or instructions to ignore instructions within the processed data are provided to the agent.
- Capability inventory: The skill possesses extensive capabilities to perform read, write, and delete operations on instance-level resources via the CLI.
- Sanitization: The instructions do not define sanitization or validation procedures for user-provided input before it is used in command execution.
Audit Metadata