Skills
skills/jaganpro/claude-code-sfskills/sf-datacloud-connect/Gen Agent Trust Hub

sf-datacloud-connect

Pass

Audited by Gen Agent Trust Hub on Apr 28, 2026

Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes the sf (Salesforce CLI) tool and a local diagnostic script to interact with Salesforce environments.
  • Evidence: SKILL.md specifies execution of sf data360 commands and node ~/.claude/skills/sf-datacloud/scripts/diagnose-org.mjs.
  • [DATA_EXFILTRATION]: The skill instructions and templates involve handling sensitive credentials for database and cloud service connections.
  • Evidence: JSON templates in examples/connections/ manage fields for passwords and secrets (e.g., <HEROKU_DB_PASSWORD>, <AZURE_APP_CLIENT_SECRET>). While the skill processes these secrets, no unauthorized external transmission was identified.
  • [PROMPT_INJECTION]: The skill is exposed to indirect prompt injection risks by ingesting and acting upon metadata retrieved from external Salesforce organizations.
  • Ingestion points: sf data360 connection objects and sf data360 connection fields commands in SKILL.md.
  • Boundary markers: No explicit boundary markers or isolation instructions for external data processing were found.
  • Capability inventory: The skill has the capability to create/mutate connections and execute arbitrary REST API requests via sf api request rest.
  • Sanitization: No sanitization logic for fetched metadata is specified in the instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 28, 2026, 07:58 PM