ClawHub

Salesforce

Salesforce CRM API integration with managed OAuth. Query records with SOQL, manage sObjects (Contacts, Accounts, Leads, Opportunities), and perform batch operations. Use this skill when users want to interact with Salesforce data. For other third party apps, use the api-gateway skill (https://clawhub.ai/byungkyu/api-gateway).

MIT-0 · Free to use, modify, and redistribute. No attribution required.
8 · 16.9k · 6 current installs · 8 all-time installs
by@byungkyu
MIT-0
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description (Salesforce CRM integration) match the runtime instructions: all example calls target Maton-managed endpoints that proxy Salesforce. Requesting a single MATON_API_KEY is consistent with a managed-OAuth gateway service.
Instruction Scope
SKILL.md only contains example HTTP calls and Python snippets that read MATON_API_KEY and call Maton endpoints (gateway.maton.ai, ctrl.maton.ai, connect.maton.ai, maton.ai). This stays within the Salesforce-integration scope, but note that traffic and OAuth flows are proxied through Maton rather than calling salesforce.com directly — users must trust Maton for access to their Salesforce data.
Install Mechanism
Instruction-only skill with no install spec or code files — lowest install risk (nothing is written to disk or fetched at install time).
Credentials
The only required env var is MATON_API_KEY, which is appropriate for a proxy/gateway API. Minor metadata inconsistency: registry metadata lists 'Primary credential: none' while SKILL.md requires MATON_API_KEY; this appears to be a documentation/metadata mismatch but not a functional problem.
Persistence & Privilege
always:false and no config paths requested. The skill allows autonomous invocation (disable-model-invocation:false) which is the platform default; that is expected for a callable integration but means the agent can call this skill when eligible.
Assessment
This skill proxies Salesforce API calls through Maton (gateway.maton.ai) and requires a MATON_API_KEY — installing it gives that key (and thus Maton) the ability to act on your Salesforce connections. Before installing: 1) Confirm you trust Maton (review maton.ai privacy/security docs and the account that issued your API key). 2) Use least-privilege keys and, if possible, a Salesforce sandbox connection for testing. 3) Store MATON_API_KEY securely (not in shared repos) and be prepared to rotate/revoke it if you suspect misuse. 4) Note the small metadata mismatch (no primary credential listed in registry) — this is likely cosmetic but verify the key is the intended authentication mechanism. 5) Because the agent can invoke the skill autonomously, consider whether you want automated operations against your Salesforce data; if not, restrict invocation or require explicit user confirmation before executing data-modifying calls.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.0.4
Download zip
latestvk978pmbbb5sab2cevjqab0v89x80wzf1

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🧠 Clawdis
EnvMATON_API_KEY

SKILL.md

Salesforce

Access the Salesforce REST API with managed OAuth authentication. Query records using SOQL, manage sObjects, and perform CRUD operations on your Salesforce data.

Quick Start

# Query contacts
python <<'EOF'
import urllib.request, os, json
req = urllib.request.Request('https://gateway.maton.ai/salesforce/services/data/v59.0/query?q=SELECT+Id,Name,Email+FROM+Contact+LIMIT+10')
req.add_header('Authorization', f'Bearer {os.environ["MATON_API_KEY"]}')
print(json.dumps(json.load(urllib.request.urlopen(req)), indent=2))
EOF

Base URL

https://gateway.maton.ai/salesforce/{native-api-path}

Replace {native-api-path} with the actual Salesforce REST API endpoint path. The gateway proxies requests to {instance}.salesforce.com (automatically replaced with your connection config) and injects your access token.

Authentication

All requests require the Maton API key in the Authorization header:

Authorization: Bearer $MATON_API_KEY

Environment Variable: Set your API key as MATON_API_KEY:

export MATON_API_KEY="YOUR_API_KEY"

Getting Your API Key

  1. Sign in or create an account at maton.ai
  2. Go to maton.ai/settings
  3. Copy your API key

Connection Management

Manage your Salesforce OAuth connections at https://ctrl.maton.ai.

List Connections

python <<'EOF'
import urllib.request, os, json
req = urllib.request.Request('https://ctrl.maton.ai/connections?app=salesforce&status=ACTIVE')
req.add_header('Authorization', f'Bearer {os.environ["MATON_API_KEY"]}')
print(json.dumps(json.load(urllib.request.urlopen(req)), indent=2))
EOF

Create Connection

python <<'EOF'
import urllib.request, os, json
data = json.dumps({'app': 'salesforce'}).encode()
req = urllib.request.Request('https://ctrl.maton.ai/connections', data=data, method='POST')
req.add_header('Authorization', f'Bearer {os.environ["MATON_API_KEY"]}')
req.add_header('Content-Type', 'application/json')
print(json.dumps(json.load(urllib.request.urlopen(req)), indent=2))
EOF

Get Connection

python <<'EOF'
import urllib.request, os, json
req = urllib.request.Request('https://ctrl.maton.ai/connections/{connection_id}')
req.add_header('Authorization', f'Bearer {os.environ["MATON_API_KEY"]}')
print(json.dumps(json.load(urllib.request.urlopen(req)), indent=2))
EOF

Response:

{
  "connection": {
    "connection_id": "21fd90f9-5935-43cd-b6c8-bde9d915ca80",
    "status": "ACTIVE",
    "creation_time": "2025-12-08T07:20:53.488460Z",
    "last_updated_time": "2026-01-31T20:03:32.593153Z",
    "url": "https://connect.maton.ai/?session_token=...",
    "app": "salesforce",
    "metadata": {}
  }
}

Open the returned url in a browser to complete OAuth authorization.

Delete Connection

python <<'EOF'
import urllib.request, os, json
req = urllib.request.Request('https://ctrl.maton.ai/connections/{connection_id}', method='DELETE')
req.add_header('Authorization', f'Bearer {os.environ["MATON_API_KEY"]}')
print(json.dumps(json.load(urllib.request.urlopen(req)), indent=2))
EOF

Specifying Connection

If you have multiple Salesforce connections, specify which one to use with the Maton-Connection header:

python <<'EOF'
import urllib.request, os, json
req = urllib.request.Request('https://gateway.maton.ai/salesforce/services/data/v59.0/sobjects')
req.add_header('Authorization', f'Bearer {os.environ["MATON_API_KEY"]}')
req.add_header('Maton-Connection', '21fd90f9-5935-43cd-b6c8-bde9d915ca80')
print(json.dumps(json.load(urllib.request.urlopen(req)), indent=2))
EOF

If omitted, the gateway uses the default (oldest) active connection.

API Reference

SOQL Query

GET /salesforce/services/data/v59.0/query?q=SELECT+Id,Name+FROM+Contact+LIMIT+10

Complex query:

GET /salesforce/services/data/v59.0/query?q=SELECT+Id,Name,Email+FROM+Contact+WHERE+Email+LIKE+'%example.com'+ORDER+BY+CreatedDate+DESC

Get Object

GET /salesforce/services/data/v59.0/sobjects/{objectType}/{recordId}

Example:

GET /salesforce/services/data/v59.0/sobjects/Contact/003XXXXXXXXXXXXXXX

Create Object

POST /salesforce/services/data/v59.0/sobjects/{objectType}
Content-Type: application/json

{
  "FirstName": "John",
  "LastName": "Doe",
  "Email": "john@example.com"
}

Update Object

PATCH /salesforce/services/data/v59.0/sobjects/{objectType}/{recordId}
Content-Type: application/json

{
  "Phone": "+1234567890"
}

Delete Object

DELETE /salesforce/services/data/v59.0/sobjects/{objectType}/{recordId}

Describe Object (get schema)

GET /salesforce/services/data/v59.0/sobjects/{objectType}/describe

List Objects

GET /salesforce/services/data/v59.0/sobjects

Search (SOSL)

GET /salesforce/services/data/v59.0/search?q=FIND+{searchTerm}+IN+ALL+FIELDS+RETURNING+Contact(Id,Name)

Composite Request (batch multiple operations)

POST /salesforce/services/data/v59.0/composite
Content-Type: application/json

{
  "compositeRequest": [
    {
      "method": "GET",
      "url": "/services/data/v59.0/sobjects/Contact/003XXXXXXX",
      "referenceId": "contact1"
    },
    {
      "method": "GET",
      "url": "/services/data/v59.0/sobjects/Account/001XXXXXXX",
      "referenceId": "account1"
    }
  ]
}

Composite Batch Request

POST /salesforce/services/data/v59.0/composite/batch
Content-Type: application/json

{
  "batchRequests": [
    {"method": "GET", "url": "v59.0/sobjects/Contact/003XXXXXXX"},
    {"method": "GET", "url": "v59.0/sobjects/Account/001XXXXXXX"}
  ]
}

sObject Collections Create (batch create)

POST /salesforce/services/data/v59.0/composite/sobjects
Content-Type: application/json

{
  "allOrNone": true,
  "records": [
    {"attributes": {"type": "Contact"}, "FirstName": "John", "LastName": "Doe"},
    {"attributes": {"type": "Contact"}, "FirstName": "Jane", "LastName": "Smith"}
  ]
}

sObject Collections Delete (batch delete)

DELETE /salesforce/services/data/v59.0/composite/sobjects?ids=003XXXXX,003YYYYY&allOrNone=true

Get Updated Records

GET /salesforce/services/data/v59.0/sobjects/{objectType}/updated/?start=2026-01-30T00:00:00Z&end=2026-02-01T00:00:00Z

Get Deleted Records

GET /salesforce/services/data/v59.0/sobjects/{objectType}/deleted/?start=2026-01-30T00:00:00Z&end=2026-02-01T00:00:00Z

Get API Limits

GET /salesforce/services/data/v59.0/limits

List API Versions

GET /salesforce/services/data/

Common Objects

  • Account - Companies/Organizations
  • Contact - People associated with accounts
  • Lead - Potential customers
  • Opportunity - Sales deals
  • Case - Support cases
  • Task - To-do items
  • Event - Calendar events

Code Examples

JavaScript

const response = await fetch(
  'https://gateway.maton.ai/salesforce/services/data/v59.0/query?q=SELECT+Id,Name+FROM+Contact+LIMIT+5',
  {
    headers: {
      'Authorization': `Bearer ${process.env.MATON_API_KEY}`
    }
  }
);
const data = await response.json();

Python

import os
import requests

response = requests.get(
    'https://gateway.maton.ai/salesforce/services/data/v59.0/query',
    headers={'Authorization': f'Bearer {os.environ["MATON_API_KEY"]}'},
    params={'q': 'SELECT Id,Name FROM Contact LIMIT 5'}
)

Notes

  • Use URL encoding for SOQL queries (spaces become +)
  • Record IDs are 15 or 18 character alphanumeric strings
  • API version (v59.0) can be adjusted; latest is v65.0
  • Update and Delete operations return HTTP 204 (no content) on success
  • Dates for updated/deleted queries use ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ
  • Use allOrNone: true in batch operations for atomic transactions
  • IMPORTANT: When using curl commands, use curl -g when URLs contain brackets (fields[], sort[], records[]) to disable glob parsing
  • IMPORTANT: When piping curl output to jq or other commands, environment variables like $MATON_API_KEY may not expand correctly in some shell environments. You may get "Invalid API key" errors when piping.

Error Handling

StatusMeaning
400Missing Salesforce connection
401Invalid or missing Maton API key
429Rate limited (10 req/sec per account)
4xx/5xxPassthrough error from Salesforce API

Troubleshooting: API Key Issues

  1. Check that the MATON_API_KEY environment variable is set:
echo $MATON_API_KEY
  1. Verify the API key is valid by listing connections:
python <<'EOF'
import urllib.request, os, json
req = urllib.request.Request('https://ctrl.maton.ai/connections')
req.add_header('Authorization', f'Bearer {os.environ["MATON_API_KEY"]}')
print(json.dumps(json.load(urllib.request.urlopen(req)), indent=2))
EOF

Troubleshooting: Invalid App Name

  1. Ensure your URL path starts with salesforce. For example:
  • Correct: https://gateway.maton.ai/salesforce/services/data/v59.0/query
  • Incorrect: https://gateway.maton.ai/services/data/v59.0/query

Resources

Files

2 total
Select a file
Select a file to preview.

Comments

Loading comments…