sf-industry-commoncore-omniscript
Pass
Audited by Gen Agent Trust Hub on Mar 17, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the official Salesforce CLI (`sf`) to execute commands such as `sf data query` and `sf project deploy`. These commands are used as intended for querying OmniStudio metadata and deploying project files to authenticated Salesforce environments. The operations are conducted within the context of the user's development workflow.
- [PROMPT_INJECTION]: The skill has an indirect injection surface as it processes user requirements (such as Type, SubType, and Org Alias) and interpolates them into CLI commands and JSON templates. However, given the skill's purpose as a developer tool, this behavior is expected and non-malicious.
  - Ingestion points: User-defined OmniScript requirements (Type, SubType, Language) and Salesforce org aliases enter the agent's context in `SKILL.md`.
  - Boundary markers: None; inputs are directly used in command templates.
  - Capability inventory: The skill uses subprocess execution via the Salesforce CLI (`sf`) for data retrieval and deployment across all configuration phases.
  - Sanitization: The instructions do not explicitly provide sanitization or validation logic for user-supplied string interpolation in shell commands.