sf-metadata
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill performs legitimate Salesforce metadata operations. Analysis of the Python automation scripts (
generate_permission_set.pyandvalidate_metadata.py) confirms they are restricted to local file operations for XML parsing, scoring, and generation without any network connectivity or unauthorized system access.- [SAFE]: The skill's assets consist of XML templates with placeholders for Salesforce objects and fields. These templates adhere to official Salesforce metadata schemas and do not contain hardcoded credentials or malicious commands.- [SAFE]: Documentation and external references point exclusively to official Salesforce developer sites or established community resources. The installation instructions use standard package management patterns consistent with the vendor's provided context.
Audit Metadata