salesforce-core-workflow-a

Pass

Audited by Gen Agent Trust Hub on Mar 25, 2026

Risk Level: SAFE
Full Analysis
  • [DATA_EXFILTRATION]: The skill performs network operations targeting Salesforce API endpoints. These operations are essential for the skill's primary function and target a well-known service.
  • [INDIRECT_PROMPT_INJECTION]: The skill ingests untrusted data from an external source (Salesforce) via SOQL queries and REST API calls. This data is then processed by the agent. While the provided snippets do not show explicit sanitization or boundary markers, the risk is inherent to the intended use case.
      • Ingestion points: Salesforce data retrieved via conn.query, conn.search, and conn.request in SKILL.md.
      • Boundary markers: Not present in the provided code snippets.
      • Capability inventory: The skill possesses Write, Edit, and Bash capabilities as defined in the frontmatter.
      • Sanitization: No explicit sanitization or filtering of Salesforce record data is demonstrated in the examples.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 25, 2026, 04:42 PM