The Agent Skills Directory

[SAFE]: The skill implements a security validation framework that scores OAuth configurations against 120 points, actively encouraging best practices such as least privilege (minimal scopes) and IP relaxation enforcement.
[SAFE]: External references and documentation links point exclusively to trusted domains including Salesforce (salesforce.com, developer.salesforce.com) and reputable community resources (salesforceben.com, apexhours.com).
[SAFE]: Command execution patterns are limited to standard Salesforce CLI (sf) operations and basic file system management (Glob, Read, Write) required for metadata handling. A 'guardrails.py' hook is referenced in the environment's shared hooks directory, which appears to be a platform-level security control.
[SAFE]: The skill processes local project files (.connectedApp-meta.xml, .eca-meta.xml) to perform security audits. While this constitutes an ingestion surface for indirect prompt injection, it is the primary purpose of the tool and is handled as a standard analytical task by the agent.
[SAFE]: No hardcoded credentials or sensitive data exposure patterns were identified. The templates use placeholders (e.g., {{APP_NAME}}, {{CERTIFICATE_NAME}}) and explicitly advise against storing secrets in version control.

sf-connected-apps