sf-datacloud-connect

SUSPICIOUS: the skill’s purpose and commands are broadly coherent for Salesforce Data Cloud connection management, and its network targets appear to be Salesforce org APIs. The main issue is install/execution trust: it requires an unspecified external community Data360 plugin that is not verifiably official from the skill text, yet that plugin would receive sensitive connector configuration data and can perform live org mutations. That makes the skill higher-risk than a normal documentation or admin skill, even without clear evidence of malicious exfiltration.