skills/jaganpro/sf-skills/sf-debug/Gen Agent Trust Hub

sf-debug

Pass

Audited by Gen Agent Trust Hub on Mar 13, 2026

Risk Level: SAFE, COMMAND_EXECUTION
Full Analysis
  • [SAFE]: The skill uses local Python logic to provide diagnostic summaries. It includes Apex templates that demonstrate best practices for optimization, such as bulkification and null safety. No external data transmissions or suspicious dependencies were identified.
  • [COMMAND_EXECUTION]: Transparently uses the Salesforce CLI (sf) to list and retrieve logs. These operations are essential for the skill's purpose and are executed with the user's existing org authentication.
  • [PROMPT_INJECTION]: Evaluated the risk of indirect prompt injection from Salesforce log content. The skill ingests untrusted log data through the parse-debug-log.py hook. Evidence chain: (1) Ingestion: TOOL_OUTPUT read by Python script; (2) Boundary: Output is wrapped in diagnostic headers; (3) Capability: Integrates with sf-apex for suggested fixes; (4) Sanitization: Messages are truncated to 100 characters. The risk is considered minimal and acceptable given the skill's primary function as a technical log analyzer.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 13, 2026, 03:09 PM