salesforce-automation
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFE EXTERNAL_DOWNLOADS PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires connecting to an external service provider to function.
  - Evidence: The setup instructions in `SKILL.md` direct users to add `https://rube.app/mcp` as an MCP server endpoint in their client configuration.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection attacks because it ingests and processes untrusted data from Salesforce CRM records.
  - Ingestion points: Salesforce data fields for Leads, Contacts, Accounts, Opportunities, and Tasks, as well as raw SOQL query results defined in the "Core Workflows" section of `SKILL.md`.
  - Boundary markers: Absent. The instructions do not define delimiters or provide the agent with guidance to ignore potential instructions embedded within the CRM data.
  - Capability inventory: The skill allows for significant state changes and data access via tools such as `SALESFORCE_CREATE_LEAD`, `SALESFORCE_UPDATE_TASK`, and `SALESFORCE_RUN_SOQL_QUERY`.
  - Sanitization: Absent. There is no evidence of input validation, escaping, or filtering of content retrieved from the Salesforce API before it is processed by the agent.
Audit Metadata