b2c-content
Warn
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- EXTERNAL_DOWNLOADS (MEDIUM): The skill suggests using
npx @salesforce/b2c-cli, which facilitates the download and execution of external code. As Salesforce is not included in the Trusted External Sources list, this is treated as an unverifiable dependency execution. - DATA_EXFILTRATION (MEDIUM): The skill instructions specify configuration via
dw.json, a file that commonly contains sensitive environment credentials and hostnames. Reading this file constitutes a data exposure risk. - COMMAND_EXECUTION (LOW): The skill invokes the
b2cCLI to perform network operations and local file system writes (e.g., exporting to./my-export), which are necessary for its primary purpose but represent privileged actions. - PROMPT_INJECTION (LOW): The skill exhibits an indirect prompt injection surface (Category 8) by processing external Page Designer assets and local XML library files. Evidence: 1. Ingestion points:
b2c content exportand--library-fileparsing. 2. Boundary markers: Absent. 3. Capability inventory: Command execution and file writes. 4. Sanitization: No sanitization of the external content is described.
Audit Metadata