ClawHub
Bundle Pluginsource linked

SF Plugin Core Assets Testv0.0.1

Salesforce skill bundle plugin for Codex-compatible hosts and OpenClaw bundle installs.

sf-plugin-core-assets-test·runtime sf-plugin-core-assets-test·by @dsouza-anush
openclaw bundles install clawhub:sf-plugin-core-assets-test
Latest release: v0.0.1Download zip

Capabilities

Bundle format
codex
Tags
bundle-onlyformat:codexhost:codex
Host targets
codex
Runtime ID
sf-plugin-core-assets-test

Compatibility

Built With Open Claw Version
0.1.0
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The name/description (Salesforce plugin bundle) align with the large number of Salesforce-focused SKILL.md files, examples, LWC/Apex assets, and OAuth templates included. Having many sub-skills and assets is coherent for a 'core assets' bundle. It's unusual but not necessarily wrong that the top-level SKILL.md content shown is a package.json-like JSON blob rather than user-facing runtime instructions; that mismatch should be checked by the maintainer.
!
Instruction Scope
Most SKILL.md files (examples shown) are documentation and safe code examples showing curl/requests to Salesforce endpoints and instructions about OAuth flows. However: (1) the SKILL.md content field presented at the top appears to contain package.json JSON instead of runtime agent instructions, which is unexpected and may indicate packaging/metadata confusion; (2) the pre-scan detected the prompt-injection pattern 'you-are-now' inside SKILL.md content (not present in the truncated excerpts), which is a red flag for content attempting to manipulate an LLM agent's behavior. Several files were truncated/omitted in the manifest so additional instruction content could not be audited here.
Install Mechanism
There is no install spec (instruction-only) and no steps that would download or execute external installers. That lowers install-time risk. The bundle does include many code files and scripts, but without any automated install or extract step these files won't be automatically executed by the host.
Credentials
The skill declares no required environment variables, credentials, or config paths. The included documentation and examples demonstrate how to use Salesforce client_ids/secrets, but the bundle does not demand secrets at install time. This is proportionate to a documentation/asset bundle.
Persistence & Privilege
The skill does not request 'always: true' and uses default model invocation settings (agent can invoke autonomously). Nothing in the provided files suggests it modifies other skills or global agent settings. Autonomous invocation is allowed by default and is not by itself flagged.
Scan Findings in Context
[prompt-injection:you-are-now] unexpected: A prompt-injection pattern 'you-are-now' was detected in SKILL.md content. Salesforce documentation and OAuth templates would not normally include LLM-control phrases; this could be an attempt to influence an agent's behavior. The sample excerpts shown do not contain this phrase, so it likely appears in one of the omitted files.
What to consider before installing
This bundle mostly looks like a large collection of Salesforce documentation, examples, Apex/LWC assets and OAuth templates — which is coherent with the described purpose and requires no secrets or installers. However, there are two things to check before installing: (1) open and search every SKILL.md in the bundle (and any other text files) for suspicious prompt-injection phrases (e.g., 'you-are-now', or other LLM control instructions). If found, ask the author to remove them or provide justification. (2) Confirm why the top-level SKILL.md appears to contain package.json JSON (a packaging/metadata mix-up) — ensure the runtime instructions the agent will follow are correct and not replaced with metadata. If you cannot inspect all omitted files, treat this as unverified and consider testing the bundle in an isolated environment or sandbox agent first. If you need high assurance (e.g., in a production agent), request the maintainer to provide a cleaned bundle or an explicit statement that no prompt-injection content is present and the intended SKILL.md files are human-readable instructions.

Verification

Tier
source linked
Scope
artifact only
Summary
Validated package structure and linked the release to source metadata.
Source
github.com/dsouzaAnush/salesforce-plugin
Commit
4dd86807732f
Tag
main
Provenance
No
Scan status
pending

Tags

latest
0.0.1
salesforce
0.0.1
test
0.0.1