Salesforce Skill

Warn. Audited by ClawScan on May 10, 2026.

Overview

This is a coherent Salesforce CLI skill, but it gives the agent broad power to change Salesforce data and configuration, and it includes commands that can expose Salesforce tokens.

Install only if you want the agent to operate Salesforce through the CLI. Use a dedicated least-privilege Salesforce account, confirm the target org before actions, avoid exposing token-display output, and require explicit user approval before any write, delete, bulk, Apex, deployment, or raw API operation.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A mistaken or overbroad agent action could change or delete CRM records, export sensitive customer data, deploy unwanted org changes, or call APIs against the wrong Salesforce org.

Why it was flagged

These are high-impact Salesforce capabilities that can mutate business data, run org-side code, deploy configuration, or bypass safer scoped workflows through raw API calls.

Skill content

create/update/delete records, bulk import/export, execute Apex, deploy metadata, and make raw REST API calls

Recommendation

Use a least-privilege Salesforce user, prefer sandbox orgs, verify the target org before each action, and require explicit approval for every mutation, bulk job, Apex execution, deployment, and raw REST call.

What this means

Salesforce tokens exposed in the agent session or logs could allow account access if copied, stored, or shared unintentionally.

Why it was flagged

The documented commands can place Salesforce access-token and refresh-token material into the agent/tool output, which is sensitive credential handling beyond ordinary query results.

Skill content

sf org display --json ... (access token, instance URL, username) ... sf org display --target-org my-org --verbose --json ... (sensitive - contains refresh token)

Recommendation

Avoid running token-display commands unless absolutely necessary, redact token fields from outputs, and use short-lived or least-privilege credentials where possible.

What this means

The installed CLI version and its npm supply chain become part of the trusted execution path.

Why it was flagged

Installing the Salesforce CLI is expected for this skill, but it depends on an external npm package without a pinned version in the provided install specification.

Skill content

node | package: @salesforce/cli | creates binaries: sf

Recommendation

Install from Salesforce’s official source, pin or review the CLI version where possible, and keep it updated through trusted channels.