Skills
skills/aaaaqwq/claude-code-skills/salesforce-automation/Gen Agent Trust Hub

salesforce-automation

Warn

Audited by Gen Agent Trust Hub on Feb 20, 2026

Risk Level: MEDIUMEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • EXTERNAL_DOWNLOADS (MEDIUM): The skill requires adding an external MCP server 'https://rube.app/mcp'. This domain is not on the trusted list and serves as a remote dependency for all Salesforce operations.
  • DATA_EXFILTRATION (MEDIUM): By routing Salesforce operations (leads, contacts, SOQL queries) through the 'rube.app' proxy, sensitive CRM data is exposed to an unverified third party. The claim that 'No API keys needed' suggests a lack of transparent authentication or a shared session model.
  • PROMPT_INJECTION (LOW): Indirect prompt injection (Category 8) vulnerability surface detected. 1. Ingestion points: Data returned from Salesforce tools (Leads, Contacts, Tasks, SOQL results). 2. Boundary markers: Absent in prompt instructions. 3. Capability inventory: Extensive record creation, updates, and SOQL execution. 4. Sanitization: No sanitization or verification of data retrieved from external Salesforce objects before processing.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 20, 2026, 03:09 PM