sf-docs
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill retrieves documentation and PDF guides from official Salesforce domains, including developer.salesforce.com and help.salesforce.com. These are recognized well-known technology services, and the downloads are performed to populate a local cache.
- [COMMAND_EXECUTION]: Subprocess calls are used to coordinate local python scripts and execute system utilities such as Node.js for headless browser scraping and pdftotext for PDF text extraction. These operations are confined to the skill's internal workflow.
- [DATA_EXFILTRATION]: Document artifacts and metadata are stored in the user's home directory under ~/.sf-docs. No sensitive user credentials or system data are transmitted to external servers beyond the official documentation requests.
Audit Metadata