installing-webapp-features
Pass
Audited by Gen Agent Trust Hub on Mar 26, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: Executes the @salesforce/webapps-features-experimental CLI tool via npx to perform search, description, and installation of web application features.
- [EXTERNAL_DOWNLOADS]: Fetches and installs npm packages and their dependencies from the @salesforce scope at runtime.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads project source code and integration examples to perform automated code integration. Maliciously crafted content within the project files or installed examples could influence the agent's behavior during the integration process.
  - Ingestion points: Reads files within the src/ directory and generated example files.
  - Boundary markers: Absent; there are no specific instructions to the agent to disregard instructions found within the data being processed.
  - Capability inventory: Command execution (npx), file system access (Read and Edit tools), and file deletion (rm).
  - Sanitization: Absent; the skill integrates code patterns directly from examples into target files without verification.
Audit Metadata