AGENTFORCE-17.2: Commerce Agent Amount Without Bounds Check
๐จ Critical ยท Agentforce for Commerce
Detects Apex invocables called by Commerce agent actions that manipulate Amount, Quantity, or Price fields without validating bounds. An LLM hallucination could instruct quantity = -9999 or price = 0.
Detailsโ
| Field | Value |
|---|---|
| Rule ID | AGENTFORCE-17.2 |
| Severity | Critical |
| Category | Agentforce for Commerce |
| Compliance | PCI_DSS, SOC2_CC6 |
Remediationโ
Refer to the SquireX documentation for
remediation guidance specific to AGENTFORCE-17.2.