sf-debug
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFE
Full Analysis
- [DATA_EXPOSURE]: The skill uses the 'sf' CLI to access Salesforce debug logs. These logs are generated within the user's Salesforce environment and may contain sensitive business data, PII, or application logic details. This access is inherent to the skill's primary function of log analysis and troubleshooting.
- [INDIRECT_PROMPT_INJECTION]: The skill processes Salesforce debug logs, which are external data sources that could be manipulated to include malicious instructions.
- Ingestion points: Logs are retrieved via 'sf apex get log' or 'sf apex tail log' and processed by 'hooks/scripts/parse-debug-log.py' via the 'TOOL_OUTPUT' environment variable.
- Boundary markers: The parsing script generates reports with structured headers like 'DEBUG LOG ANALYSIS' and 'AGENTIC FIX RECOMMENDATIONS', which provide some context separation, although no explicit 'ignore instructions' command is prepended to log content.
- Capability inventory: The skill possesses capabilities to read, list, and delete Salesforce records (logs and trace flags) via the 'sf' CLI.
- Sanitization: The Python parsing script truncates query strings to 200 characters and exception messages to 100 characters, reducing the footprint available for potential injection payloads.
Audit Metadata