sf-datacloud

Fail

Audited by Gen Agent Trust Hub on Mar 22, 2026

Risk Level: HIGH
Findings: REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The script scripts/bootstrap-plugin.sh clones an external repository (https://github.com/gthoppae/sf-cli-plugin-data360.git), runs yarn install in it, and links the cloned directory as a Salesforce CLI plugin with 'sf plugins link .'. This facilitates the execution of arbitrary, unverified code from a third-party source not listed in the trusted vendors list.
  • [COMMAND_EXECUTION]: The script scripts/verify-plugin.sh is vulnerable to shell command injection. It uses bash -lc to execute command strings into which the ${ORG} variable is interpolated directly, without sanitization or quoting. An attacker who controls the organization alias could supply a value containing shell metacharacters (e.g., ; touch /tmp/pwned) and thereby execute arbitrary commands on the host system.
  • [EXTERNAL_DOWNLOADS]: The skill setup process initiates downloads and installation of executable software from a third-party GitHub repository (gthoppae/sf-cli-plugin-data360) that is not identified as a trusted organization or well-known service provider in the security policy.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Mar 22, 2026, 09:21 PM