salesforce

Pass

Audited by Gen Agent Trust Hub on Apr 27, 2026

Risk Level: SAFE, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill utilizes environment variables (APIDECK_API_KEY, APIDECK_APP_ID) for managing sensitive credentials, which aligns with security best practices.
  • [EXTERNAL_DOWNLOADS]: The skill fetches OpenAPI specifications and documentation from official and verified Apideck domains (apideck.com, apideck.io).
  • [PROMPT_INJECTION]: The skill processes data from Salesforce CRM records, which serves as a vector for Indirect Prompt Injection.
      1. Ingestion points: Data enters the agent context through CRM record retrieval methods such as contact lists.
      2. Boundary markers: There are no specific delimiters or instructions provided to the agent to treat record content as untrusted.
      3. Capability inventory: The agent has network access via the Apideck SDK and Proxy API endpoints.
      4. Sanitization: No explicit sanitization or validation of the retrieved CRM data is implemented.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 27, 2026, 05:59 PM