sf-testing
Pass
Audited by Gen Agent Trust Hub on Mar 23, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill uses the official Salesforce CLI (sf) to run tests and analyze coverage. This is the intended purpose of the skill and is documented in the SKILL.md and README.md files.
- [SAFE]: The skill includes a Python hook (hooks/scripts/parse-test-results.py) to process test outputs. This script is well-structured and implements defensive practices to handle untrusted data from test results:
  - Ingestion points: CLI stdout is ingested via environment variables in the hook script.
  - Boundary markers: The script produces formatted output with clear headers like '📊 APEX TEST RESULTS' to help the agent distinguish data from instructions.
  - Capability inventory: The agent can read and write Apex class files and execute CLI test commands, which are required for the automated fix loop.
  - Sanitization: Error messages are truncated to 200 characters, significantly reducing the space available for potential prompt injection payloads.
- [SAFE]: The provided Apex assets (e.g., assets/dml-mock.cls, assets/test-data-factory.cls) are standard industry patterns for Salesforce testing and contain no suspicious logic or external communication beyond documented Salesforce platform features.
Audit Metadata