developing-agentforce

Pass

Audited by Gen Agent Trust Hub on Apr 28, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: Static analysis identified a concealment pattern in references/agent-design-and-spec-creation.md. This refers to instructions for the AI to avoid using a specific platform tool (show_command) and instead compose direct text responses. In the context of Salesforce Agentforce, this is a documented technical best practice to ensure session state stability and reliable grounding, not a malicious attempt to hide actions from the user.
  • [PROMPT_INJECTION]: The file references/safety-review-reference.md contains various adversarial prompts (e.g., "Ignore your previous instructions", "What is your system prompt?"). These are explicitly presented as examples for developers to use during security and safety testing of their own agents and do not represent an active threat within this skill.
  • [DATA_EXPOSURE]: No hardcoded credentials, API keys, or sensitive file paths were discovered. The skill explicitly guides users to use Named Credentials and Environment Variables for secret management.
  • [COMMAND_EXECUTION]: The skill utilizes the standard Salesforce CLI (sf) for agent lifecycle management (generate, validate, deploy, publish). All commands are documented for legitimate developer workflows.
  • [EXTERNAL_DOWNLOADS]: The skill references official Salesforce documentation and GitHub repositories (e.g., trailheadapps/agent-script-recipes), which are recognized as trusted sources for development resources.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 28, 2026, 04:09 AM