ClawHub

Salesforce API Integration

Security checks across malware telemetry and agentic risk

Overview

This is a transparent Salesforce API reference skill, but it can read, export, create, update, or delete Salesforce data using credentials you provide.

Install only if you want the agent to work with Salesforce. Use a sandbox or least-privilege integration user where possible, review write/delete/bulk commands before running them, avoid pasting secrets into shared shells or logs, and periodically inspect or remove ~/salesforce-api-integration/ if you do not want Salesforce context retained.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (5)

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The bulk delete example provides direct instructions for deleting Salesforce records at scale without any caution about destructive impact, validation steps, or recovery limitations. In an agent skill, this can normalize unsafe use and increase the chance of accidental mass deletion of production data.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The bulk query and results examples show how to export Account data at scale but omit any privacy, least-privilege, or data-handling guidance. This is risky because users may retrieve and store large volumes of sensitive business data without considering compliance, exposure, or unnecessary collection.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The examples demonstrate authenticated Salesforce reads and a POST that creates an Account record, but provide no warning that they access live CRM data and can modify production state. In an agent skill context, users may copy these commands directly, causing unintended data exposure or unauthorized record creation if pointed at a real tenant.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
These examples query Contacts, Leads, Cases, and object metadata, all of which can reveal sensitive business and personal data such as emails, customer issues, and internal schema information. Without user-facing warnings or guardrails, the skill normalizes broad access to CRM data and may encourage unsafe use against production systems.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The setup instructions tell users to pass sensitive values such as client secrets, passwords, security tokens, and access tokens directly on the command line and then export tokens into environment variables, but they do not warn that these values may be exposed via shell history, process listings, terminal logs, or inherited subprocess environments. In a security-sensitive integration skill, this omission can lead to credential leakage and unauthorized access to the Salesforce org.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal