Skills
skills/salesforcecommercecloud/b2c-developer-tooling/b2c-logs/Gen Agent Trust Hub

b2c-logs

Pass

Audited by Gen Agent Trust Hub on Apr 15, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to use the b2c CLI tool for log retrieval, filtering, and monitoring on Salesforce B2C Commerce instances.
  • [EXTERNAL_DOWNLOADS]: The skill references the @salesforce/b2c-cli package, which is an official tool from a well-known technology provider.
  • [PROMPT_INJECTION]: The skill processes untrusted log data from external instances, which constitutes a surface for potential indirect prompt injection.
  • Ingestion points: Log data fetched via the b2c logs get command as described in SKILL.md.
  • Boundary markers: The instructions do not provide explicit delimiters or warnings to separate log content from the agent's operational instructions.
  • Capability inventory: The skill enables shell command execution via the b2c CLI and references external file access via b2c-cli:b2c-webdav.
  • Sanitization: No sanitization or validation of log entry content is performed before processing.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 15, 2026, 04:00 PM
Security Audit — agent-trust-hub — b2c-logs