b2c-webdav
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- EXTERNAL_DOWNLOADS (MEDIUM): The skill documentation suggests using `npx @salesforce/b2c-cli`, which downloads the package from the npm registry during execution. As '@salesforce' is not on the provided list of trusted organizations, this is treated as an unverifiable external dependency.
- REMOTE_CODE_EXECUTION (MEDIUM): The use of `npx` results in the execution of code downloaded from a remote source. While the package is a known Salesforce tool, it is not part of the trusted whitelist and therefore represents an unverified execution vector.
- PROMPT_INJECTION (LOW): The skill is susceptible to indirect prompt injection.
  1. Ingestion points: The `b2c webdav get ... -o -` and `ls` commands bring remote file content and directory listings into the agent's context.
  2. Boundary markers: No delimiters or instructions to ignore embedded commands are specified.
  3. Capability inventory: The agent has the capability to execute shell commands via the `b2c` tool and manage files.
  4. Sanitization: No sanitization or validation of the remote file content is performed before it enters the context.
Audit Metadata