b2c-docs
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- Unverifiable Dependencies (LOW): The skill relies on the @salesforce/b2c-cli package via npx. Since @salesforce is not on the predefined list of trusted organizations, this is classified as an external dependency. The severity is downgraded from MEDIUM to LOW because it is essential to the skill's primary purpose.
- Data Exposure & Exfiltration (LOW): The "b2c docs download" command communicates with external Salesforce domains (e.g., *.demandware.net). These domains are not in the approved whitelist. Severity is LOW as these connections are required to fetch documentation.
- Indirect Prompt Injection (LOW): The skill reads and processes external data (API docs and XSD schemas) which could theoretically contain malicious instructions.
  - Ingestion points: Terminal output from the "b2c docs read" and "b2c docs schema" commands.
  - Boundary markers: Absent; the skill does not wrap tool outputs in specific delimiters or safety warnings.
  - Capability inventory: The skill has the ability to execute shell commands and write files to the local system via the b2c CLI.
  - Sanitization: No evidence of sanitization or content validation is present for the fetched documentation.
Audit Metadata