managing-webapp-agentforce-conversation-client

Pass

Audited by Gen Agent Trust Hub on Mar 26, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill instructions and associated reference files do not contain any malicious patterns, prompt injections, or obfuscation techniques.
  • [COMMAND_EXECUTION]: The skill uses grep to locate component usage within the project and npm install to manage dependencies. These are standard development operations required for the skill's primary purpose.
  • [EXTERNAL_DOWNLOADS]: The skill instructs the user to install packages from the @salesforce scope via the official NPM registry. As the skill is authored by forcedotcom, these are verified vendor resources.
  • [DATA_EXFILTRATION]: The skill asks the user to provide an agentId. It includes clear deterministic validation rules (^0Xx[a-zA-Z0-9]{15}$) to ensure the identifier matches the expected Salesforce format before it is used in code. It does not attempt to access sensitive system files or environment variables.
  • [PROMPT_INJECTION]: Instructions use terms like 'IMPORTANT' and 'CRITICAL' to emphasize safety guidelines and correct implementation patterns (e.g., warning against editing implementation files or leaving local development domains trusted in production). No attempts to bypass agent safety filters were detected.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 26, 2026, 10:37 PM