salesforce-development
Pass
Audited by Gen Agent Trust Hub on Apr 14, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides legitimate educational content for Salesforce developers, including bulkified Apex triggers, Queueable async processing, and reactive LWC components.
- [EXTERNAL_DOWNLOADS]: References the installation of the official Salesforce CLI (@salesforce/cli) and the 'jsonwebtoken' library via the standard NPM registry for automated CI/CD and authentication purposes.
- [CREDENTIALS_UNSAFE]: Demonstrates the use of environment variables (process.env) and GitHub Action secrets (SFDX_AUTH_URL) for managing authentication tokens, which is a standard security practice to avoid hardcoding secrets.
- [COMMAND_EXECUTION]: Provides standard Salesforce CLI commands (sf org create, sf project deploy) for managing scratch orgs and source-driven development in isolated environments.
- [SAFE]: Includes a dedicated 'Validation Checks' section that provides automated linting-style warnings against dangerous practices like SOQL injection and DML operations inside loops.
Audit Metadata