fetching-webapp-rest-api
Pass
Audited by Gen Agent Trust Hub on Mar 23, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect prompt injection surface detected in the Einstein LLM Gateway integration example.
- Ingestion points: The
promptvariable inSKILL.mdis directly passed to the Einstein LLM generation endpoint. - Boundary markers: Absent; the prompt content is interpolated into the JSON request body without clear delimiters or instructions to ignore embedded commands.
- Capability inventory: The skill uses
sdk.fetchto perform network operations against Salesforce API services. - Sanitization: Absent; no input validation or escaping mechanisms are shown for the data used in the LLM request.
Audit Metadata