salesforce
Pass
Audited by Gen Agent Trust Hub on Apr 17, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses `curl` and `jq` to interact with Salesforce APIs and format data. These operations are performed using environment variables for instance URLs and bearer tokens, following standard security practices for CLI tools.
- [INDIRECT_PROMPT_INJECTION]: The skill exposes an attack surface for indirect prompt injection as it processes external CRM data retrieved from the Salesforce API.
  - Ingestion points: Salesforce CRM records retrieved in `SKILL.md`.
  - Boundary markers: Absent.
  - Capability inventory: Subprocess execution via `curl` and file system writes to `/tmp` in `SKILL.md`.
  - Sanitization: None; the skill does not explicitly sanitize data retrieved from the API before processing.
Audit Metadata