b2c-bm-users-roles

Pass

Audited by Gen Agent Trust Hub on Jun 17, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill's primary function is to execute shell commands using the official Salesforce B2C CLI tool to manage users, roles, and permissions on Commerce Cloud instances.
  • [EXTERNAL_DOWNLOADS]: The instructions suggest using npx to run the @salesforce/b2c-cli package, which involves an external download from the npm registry. This is a standard practice for utilizing the vendor's command-line tooling.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it utilizes untrusted data to construct shell commands.
  • Ingestion points: User-provided strings (e.g., login emails, role names, search phrases) and content from external JSON files (e.g., admin-perms.json).
  • Boundary markers: No specific delimiters or instructions to ignore instructions within the processed data are provided to the agent.
  • Capability inventory: The skill possesses extensive capabilities to perform read, write, and delete operations on instance-level resources via the CLI.
  • Sanitization: The instructions do not define sanitization or validation procedures for user-provided input before it is used in command execution.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 17, 2026, 11:38 PM
Security Audit — agent-trust-hub — b2c-bm-users-roles