Salesforce Skill
Pass
Audited by ClawScan on May 10, 2026.
Overview
This is a coherent Salesforce management skill, but it can use Salesforce access to read, change, or delete CRM records, so users should confirm the target org and records before using destructive actions.
Install only if you want the agent to work with Salesforce CRM data. Use a limited Salesforce account, set the intended target org, test in a sandbox first, and require explicit confirmation before creates, updates, deletes, bulk imports, exports, or REST API calls.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If run against the wrong org or record list, the agent could delete or modify important CRM data.
The skill documents direct and bulk deletion of Salesforce records. This is within the stated CRM-management purpose, but it is a high-impact action that should be explicitly user-approved.
sf data delete record --sobject Contact --record-id 003XXXXXXXXXXXXXXX --target-org myorg
# Bulk delete via query (careful!)
sf data delete bulk --sobject Lead --file leads-to-delete.csv --target-org myorg
Confirm the Salesforce org, object type, record IDs, and CSV contents before allowing update, delete, bulk import, or bulk delete commands.
The agent may act with the same Salesforce permissions as the authenticated user or token.
The skill needs delegated Salesforce credentials or an access token. This is expected for Salesforce operations, but those credentials may grant broad CRM read/write authority.
Authentication configured via one of:
- `sf org login web` (OAuth browser flow - recommended for interactive)
- `sf org login jwt` (JWT for headless/automated)
- `SALESFORCE_ACCESS_TOKEN` environment variable (direct token)
Use a least-privilege Salesforce account, avoid admin tokens unless necessary, and revoke or rotate tokens if they are no longer needed.
Commands could affect the wrong Salesforce org if the CLI default is not what the user expects.
If SALESFORCE_TARGET_ORG is unset, the helper uses the Salesforce CLI's default org. This is normal CLI behavior but can be ambiguous for users with multiple orgs.
TARGET_ORG="${SALESFORCE_TARGET_ORG:-}"
if [[ -n "$TARGET_ORG" ]]; then
  ORG_FLAG="--target-org $TARGET_ORG"
else
  ORG_FLAG=""
fi
Set SALESFORCE_TARGET_ORG or pass --target-org explicitly, especially before write, delete, or bulk operations.
Users may not see required setup and credential requirements in the registry before installation.
SKILL.md declares a Salesforce CLI dependency and token environment variable, while the registry metadata supplied for review lists no required binaries, env vars, or install spec. The dependency itself is purpose-aligned, but the registry metadata is incomplete.
metadata: {"moltbot":{"requires":{"bins":["sf"],"env":["SALESFORCE_ACCESS_TOKEN"]},"primaryEnv":"SALESFORCE_ACCESS_TOKEN","install":[{"id":"npm","kind":"node","package":"@salesforce/cli","bins":["sf"]},{"id":"brew","kind":"brew","formula":"salesforce-cli","bins":["sf"]}]}}
Update registry metadata to declare the Salesforce CLI dependency, supported install methods, and any optional or required Salesforce credential environment variables.
