@raishin/vanguard-frontier-agentic 2.3.0 → 2.5.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.claude-plugin/marketplace.json +1 -1
- package/.claude-plugin/plugin.json +31 -1
- package/.cursor-plugin/plugin.json +31 -1
- package/.github/plugin/marketplace.json +1 -1
- package/README.md +15 -12
- package/agents/dotnet/dotnet-aspnetcore-api-review-agent/AGENT.md +1 -1
- package/agents/dotnet/dotnet-aspnetcore-api-review-agent/harnesses/claude-code.agent.md +1 -1
- package/agents/dotnet/dotnet-aspnetcore-api-review-agent/harnesses/copilot.agent.md +1 -1
- package/agents/dotnet/dotnet-aspnetcore-api-review-agent/harnesses/cursor.agent.md +1 -1
- package/agents/dotnet/dotnet-aspnetcore-api-review-agent/harnesses/gemini.agent.md +1 -1
- package/agents/dotnet/dotnet-aspnetcore-api-review-agent/harnesses/kiro-ide.agent.md +1 -1
- package/agents/dotnet/dotnet-csharp-runtime-review-agent/AGENT.md +2 -2
- package/agents/dotnet/dotnet-csharp-runtime-review-agent/harnesses/claude-code.agent.md +2 -2
- package/agents/dotnet/dotnet-csharp-runtime-review-agent/harnesses/copilot.agent.md +2 -2
- package/agents/dotnet/dotnet-csharp-runtime-review-agent/harnesses/cursor.agent.md +2 -2
- package/agents/dotnet/dotnet-csharp-runtime-review-agent/harnesses/gemini.agent.md +2 -2
- package/agents/dotnet/dotnet-csharp-runtime-review-agent/harnesses/kiro-ide.agent.md +2 -2
- package/agents/dotnet/dotnet-efcore-data-access-review-agent/AGENT.md +3 -3
- package/agents/dotnet/dotnet-efcore-data-access-review-agent/harnesses/claude-code.agent.md +3 -3
- package/agents/dotnet/dotnet-efcore-data-access-review-agent/harnesses/copilot.agent.md +3 -3
- package/agents/dotnet/dotnet-efcore-data-access-review-agent/harnesses/cursor.agent.md +3 -3
- package/agents/dotnet/dotnet-efcore-data-access-review-agent/harnesses/gemini.agent.md +3 -3
- package/agents/dotnet/dotnet-efcore-data-access-review-agent/harnesses/kiro-ide.agent.md +3 -3
- package/agents/hetzner/README.md +1 -1
- package/agents/oci/oci-devops-container-platform-engineer-agent/AGENT.md +1 -1
- package/agents/oci/oci-exadata-platform-architect-agent/AGENT.md +1 -1
- package/agents/oci/oci-multi-cloud-architect-agent/AGENT.md +1 -1
- package/agents/prometheus/README.md +1 -1
- package/agents/qa/playwright-e2e-suite-review-agent/AGENT.md +3 -3
- package/agents/qa/playwright-e2e-suite-review-agent/harnesses/claude-code.agent.md +3 -3
- package/agents/qa/playwright-e2e-suite-review-agent/harnesses/copilot.agent.md +3 -3
- package/agents/qa/playwright-e2e-suite-review-agent/harnesses/cursor.agent.md +3 -3
- package/agents/qa/playwright-e2e-suite-review-agent/harnesses/gemini.agent.md +3 -3
- package/agents/qa/playwright-e2e-suite-review-agent/harnesses/kiro-ide.agent.md +3 -3
- package/agents/salesforce/AGENTS.md +31 -0
- package/agents/salesforce/README.md +135 -0
- package/agents/salesforce/salesforce-adaptive-access-agent/AGENT.md +117 -0
- package/agents/salesforce/salesforce-adaptive-access-agent/LEAST-PRIVILEGES.md +91 -0
- package/agents/salesforce/salesforce-adaptive-access-agent/harnesses/claude-code.agent.md +69 -0
- package/agents/salesforce/salesforce-adaptive-access-agent/harnesses/codex.toml +30 -0
- package/agents/salesforce/salesforce-adaptive-access-agent/harnesses/copilot.agent.md +69 -0
- package/agents/salesforce/salesforce-adaptive-access-agent/harnesses/cursor.agent.md +69 -0
- package/agents/salesforce/salesforce-adaptive-access-agent/harnesses/gemini.agent.md +69 -0
- package/agents/salesforce/salesforce-adaptive-access-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/salesforce/salesforce-adaptive-access-agent/harnesses/kiro-ide.agent.md +69 -0
- package/agents/salesforce/salesforce-adaptive-access-agent/metadata.json +30 -0
- package/agents/salesforce/salesforce-agentforce-ai-agent/AGENT.md +126 -0
- package/agents/salesforce/salesforce-agentforce-ai-agent/LEAST-PRIVILEGES.md +92 -0
- package/agents/salesforce/salesforce-agentforce-ai-agent/harnesses/claude-code.agent.md +81 -0
- package/agents/salesforce/salesforce-agentforce-ai-agent/harnesses/codex.toml +36 -0
- package/agents/salesforce/salesforce-agentforce-ai-agent/harnesses/copilot.agent.md +81 -0
- package/agents/salesforce/salesforce-agentforce-ai-agent/harnesses/cursor.agent.md +81 -0
- package/agents/salesforce/salesforce-agentforce-ai-agent/harnesses/gemini.agent.md +81 -0
- package/agents/salesforce/salesforce-agentforce-ai-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/salesforce/salesforce-agentforce-ai-agent/harnesses/kiro-ide.agent.md +49 -0
- package/agents/salesforce/salesforce-agentforce-ai-agent/metadata.json +41 -0
- package/agents/salesforce/salesforce-analytics-tableau-agent/AGENT.md +119 -0
- package/agents/salesforce/salesforce-analytics-tableau-agent/LEAST-PRIVILEGES.md +81 -0
- package/agents/salesforce/salesforce-analytics-tableau-agent/harnesses/claude-code.agent.md +75 -0
- package/agents/salesforce/salesforce-analytics-tableau-agent/harnesses/codex.toml +35 -0
- package/agents/salesforce/salesforce-analytics-tableau-agent/harnesses/copilot.agent.md +75 -0
- package/agents/salesforce/salesforce-analytics-tableau-agent/harnesses/cursor.agent.md +75 -0
- package/agents/salesforce/salesforce-analytics-tableau-agent/harnesses/gemini.agent.md +75 -0
- package/agents/salesforce/salesforce-analytics-tableau-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/salesforce/salesforce-analytics-tableau-agent/harnesses/kiro-ide.agent.md +45 -0
- package/agents/salesforce/salesforce-analytics-tableau-agent/metadata.json +41 -0
- package/agents/salesforce/salesforce-app-builder-automation-agent/AGENT.md +112 -0
- package/agents/salesforce/salesforce-app-builder-automation-agent/LEAST-PRIVILEGES.md +86 -0
- package/agents/salesforce/salesforce-app-builder-automation-agent/harnesses/claude-code.agent.md +50 -0
- package/agents/salesforce/salesforce-app-builder-automation-agent/harnesses/codex.toml +35 -0
- package/agents/salesforce/salesforce-app-builder-automation-agent/harnesses/copilot.agent.md +50 -0
- package/agents/salesforce/salesforce-app-builder-automation-agent/harnesses/cursor.agent.md +50 -0
- package/agents/salesforce/salesforce-app-builder-automation-agent/harnesses/gemini.agent.md +50 -0
- package/agents/salesforce/salesforce-app-builder-automation-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/salesforce/salesforce-app-builder-automation-agent/harnesses/kiro-ide.agent.md +50 -0
- package/agents/salesforce/salesforce-app-builder-automation-agent/metadata.json +40 -0
- package/agents/salesforce/salesforce-business-analyst-agent/AGENT.md +110 -0
- package/agents/salesforce/salesforce-business-analyst-agent/LEAST-PRIVILEGES.md +89 -0
- package/agents/salesforce/salesforce-business-analyst-agent/harnesses/claude-code.agent.md +48 -0
- package/agents/salesforce/salesforce-business-analyst-agent/harnesses/codex.toml +35 -0
- package/agents/salesforce/salesforce-business-analyst-agent/harnesses/copilot.agent.md +48 -0
- package/agents/salesforce/salesforce-business-analyst-agent/harnesses/cursor.agent.md +48 -0
- package/agents/salesforce/salesforce-business-analyst-agent/harnesses/gemini.agent.md +48 -0
- package/agents/salesforce/salesforce-business-analyst-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/salesforce/salesforce-business-analyst-agent/harnesses/kiro-ide.agent.md +48 -0
- package/agents/salesforce/salesforce-business-analyst-agent/metadata.json +40 -0
- package/agents/salesforce/salesforce-certificate-lifecycle-agent/AGENT.md +112 -0
- package/agents/salesforce/salesforce-certificate-lifecycle-agent/LEAST-PRIVILEGES.md +81 -0
- package/agents/salesforce/salesforce-certificate-lifecycle-agent/harnesses/claude-code.agent.md +66 -0
- package/agents/salesforce/salesforce-certificate-lifecycle-agent/harnesses/codex.toml +30 -0
- package/agents/salesforce/salesforce-certificate-lifecycle-agent/harnesses/copilot.agent.md +66 -0
- package/agents/salesforce/salesforce-certificate-lifecycle-agent/harnesses/cursor.agent.md +66 -0
- package/agents/salesforce/salesforce-certificate-lifecycle-agent/harnesses/gemini.agent.md +66 -0
- package/agents/salesforce/salesforce-certificate-lifecycle-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/salesforce/salesforce-certificate-lifecycle-agent/harnesses/kiro-ide.agent.md +66 -0
- package/agents/salesforce/salesforce-certificate-lifecycle-agent/metadata.json +30 -0
- package/agents/salesforce/salesforce-change-impact-analyst-agent/AGENT.md +121 -0
- package/agents/salesforce/salesforce-change-impact-analyst-agent/LEAST-PRIVILEGES.md +87 -0
- package/agents/salesforce/salesforce-change-impact-analyst-agent/harnesses/claude-code.agent.md +74 -0
- package/agents/salesforce/salesforce-change-impact-analyst-agent/harnesses/codex.toml +30 -0
- package/agents/salesforce/salesforce-change-impact-analyst-agent/harnesses/copilot.agent.md +74 -0
- package/agents/salesforce/salesforce-change-impact-analyst-agent/harnesses/cursor.agent.md +74 -0
- package/agents/salesforce/salesforce-change-impact-analyst-agent/harnesses/gemini.agent.md +74 -0
- package/agents/salesforce/salesforce-change-impact-analyst-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/salesforce/salesforce-change-impact-analyst-agent/harnesses/kiro-ide.agent.md +74 -0
- package/agents/salesforce/salesforce-change-impact-analyst-agent/metadata.json +30 -0
- package/agents/salesforce/salesforce-code-analyzer-orchestrator-agent/AGENT.md +119 -0
- package/agents/salesforce/salesforce-code-analyzer-orchestrator-agent/LEAST-PRIVILEGES.md +88 -0
- package/agents/salesforce/salesforce-code-analyzer-orchestrator-agent/harnesses/claude-code.agent.md +67 -0
- package/agents/salesforce/salesforce-code-analyzer-orchestrator-agent/harnesses/codex.toml +30 -0
- package/agents/salesforce/salesforce-code-analyzer-orchestrator-agent/harnesses/copilot.agent.md +67 -0
- package/agents/salesforce/salesforce-code-analyzer-orchestrator-agent/harnesses/cursor.agent.md +67 -0
- package/agents/salesforce/salesforce-code-analyzer-orchestrator-agent/harnesses/gemini.agent.md +67 -0
- package/agents/salesforce/salesforce-code-analyzer-orchestrator-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/salesforce/salesforce-code-analyzer-orchestrator-agent/harnesses/kiro-ide.agent.md +67 -0
- package/agents/salesforce/salesforce-code-analyzer-orchestrator-agent/metadata.json +31 -0
- package/agents/salesforce/salesforce-compliance-privacy-agent/AGENT.md +130 -0
- package/agents/salesforce/salesforce-compliance-privacy-agent/LEAST-PRIVILEGES.md +85 -0
- package/agents/salesforce/salesforce-compliance-privacy-agent/harnesses/claude-code.agent.md +84 -0
- package/agents/salesforce/salesforce-compliance-privacy-agent/harnesses/codex.toml +36 -0
- package/agents/salesforce/salesforce-compliance-privacy-agent/harnesses/copilot.agent.md +84 -0
- package/agents/salesforce/salesforce-compliance-privacy-agent/harnesses/cursor.agent.md +84 -0
- package/agents/salesforce/salesforce-compliance-privacy-agent/harnesses/gemini.agent.md +84 -0
- package/agents/salesforce/salesforce-compliance-privacy-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/salesforce/salesforce-compliance-privacy-agent/harnesses/kiro-ide.agent.md +49 -0
- package/agents/salesforce/salesforce-compliance-privacy-agent/metadata.json +41 -0
- package/agents/salesforce/salesforce-continuous-verification-agent/AGENT.md +113 -0
- package/agents/salesforce/salesforce-continuous-verification-agent/LEAST-PRIVILEGES.md +90 -0
- package/agents/salesforce/salesforce-continuous-verification-agent/harnesses/claude-code.agent.md +64 -0
- package/agents/salesforce/salesforce-continuous-verification-agent/harnesses/codex.toml +30 -0
- package/agents/salesforce/salesforce-continuous-verification-agent/harnesses/copilot.agent.md +64 -0
- package/agents/salesforce/salesforce-continuous-verification-agent/harnesses/cursor.agent.md +64 -0
- package/agents/salesforce/salesforce-continuous-verification-agent/harnesses/gemini.agent.md +64 -0
- package/agents/salesforce/salesforce-continuous-verification-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/salesforce/salesforce-continuous-verification-agent/harnesses/kiro-ide.agent.md +64 -0
- package/agents/salesforce/salesforce-continuous-verification-agent/metadata.json +31 -0
- package/agents/salesforce/salesforce-data-architecture-agent/AGENT.md +113 -0
- package/agents/salesforce/salesforce-data-architecture-agent/LEAST-PRIVILEGES.md +92 -0
- package/agents/salesforce/salesforce-data-architecture-agent/harnesses/claude-code.agent.md +49 -0
- package/agents/salesforce/salesforce-data-architecture-agent/harnesses/codex.toml +35 -0
- package/agents/salesforce/salesforce-data-architecture-agent/harnesses/copilot.agent.md +49 -0
- package/agents/salesforce/salesforce-data-architecture-agent/harnesses/cursor.agent.md +49 -0
- package/agents/salesforce/salesforce-data-architecture-agent/harnesses/gemini.agent.md +49 -0
- package/agents/salesforce/salesforce-data-architecture-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/salesforce/salesforce-data-architecture-agent/harnesses/kiro-ide.agent.md +49 -0
- package/agents/salesforce/salesforce-data-architecture-agent/metadata.json +40 -0
- package/agents/salesforce/salesforce-development-agent/AGENT.md +114 -0
- package/agents/salesforce/salesforce-development-agent/LEAST-PRIVILEGES.md +89 -0
- package/agents/salesforce/salesforce-development-agent/harnesses/claude-code.agent.md +50 -0
- package/agents/salesforce/salesforce-development-agent/harnesses/codex.toml +36 -0
- package/agents/salesforce/salesforce-development-agent/harnesses/copilot.agent.md +50 -0
- package/agents/salesforce/salesforce-development-agent/harnesses/cursor.agent.md +50 -0
- package/agents/salesforce/salesforce-development-agent/harnesses/gemini.agent.md +50 -0
- package/agents/salesforce/salesforce-development-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/salesforce/salesforce-development-agent/harnesses/kiro-ide.agent.md +50 -0
- package/agents/salesforce/salesforce-development-agent/metadata.json +40 -0
- package/agents/salesforce/salesforce-devops-release-agent/AGENT.md +115 -0
- package/agents/salesforce/salesforce-devops-release-agent/LEAST-PRIVILEGES.md +90 -0
- package/agents/salesforce/salesforce-devops-release-agent/harnesses/claude-code.agent.md +51 -0
- package/agents/salesforce/salesforce-devops-release-agent/harnesses/codex.toml +35 -0
- package/agents/salesforce/salesforce-devops-release-agent/harnesses/copilot.agent.md +51 -0
- package/agents/salesforce/salesforce-devops-release-agent/harnesses/cursor.agent.md +51 -0
- package/agents/salesforce/salesforce-devops-release-agent/harnesses/gemini.agent.md +51 -0
- package/agents/salesforce/salesforce-devops-release-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/salesforce/salesforce-devops-release-agent/harnesses/kiro-ide.agent.md +51 -0
- package/agents/salesforce/salesforce-devops-release-agent/metadata.json +40 -0
- package/agents/salesforce/salesforce-enterprise-architect-agent/AGENT.md +128 -0
- package/agents/salesforce/salesforce-enterprise-architect-agent/LEAST-PRIVILEGES.md +92 -0
- package/agents/salesforce/salesforce-enterprise-architect-agent/harnesses/claude-code.agent.md +81 -0
- package/agents/salesforce/salesforce-enterprise-architect-agent/harnesses/codex.toml +36 -0
- package/agents/salesforce/salesforce-enterprise-architect-agent/harnesses/copilot.agent.md +81 -0
- package/agents/salesforce/salesforce-enterprise-architect-agent/harnesses/cursor.agent.md +81 -0
- package/agents/salesforce/salesforce-enterprise-architect-agent/harnesses/gemini.agent.md +81 -0
- package/agents/salesforce/salesforce-enterprise-architect-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/salesforce/salesforce-enterprise-architect-agent/harnesses/kiro-ide.agent.md +49 -0
- package/agents/salesforce/salesforce-enterprise-architect-agent/metadata.json +41 -0
- package/agents/salesforce/salesforce-experience-cloud-agent/AGENT.md +124 -0
- package/agents/salesforce/salesforce-experience-cloud-agent/LEAST-PRIVILEGES.md +80 -0
- package/agents/salesforce/salesforce-experience-cloud-agent/harnesses/claude-code.agent.md +79 -0
- package/agents/salesforce/salesforce-experience-cloud-agent/harnesses/codex.toml +35 -0
- package/agents/salesforce/salesforce-experience-cloud-agent/harnesses/copilot.agent.md +79 -0
- package/agents/salesforce/salesforce-experience-cloud-agent/harnesses/cursor.agent.md +79 -0
- package/agents/salesforce/salesforce-experience-cloud-agent/harnesses/gemini.agent.md +79 -0
- package/agents/salesforce/salesforce-experience-cloud-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/salesforce/salesforce-experience-cloud-agent/harnesses/kiro-ide.agent.md +59 -0
- package/agents/salesforce/salesforce-experience-cloud-agent/metadata.json +40 -0
- package/agents/salesforce/salesforce-hyperforce-security-agent/AGENT.md +113 -0
- package/agents/salesforce/salesforce-hyperforce-security-agent/LEAST-PRIVILEGES.md +80 -0
- package/agents/salesforce/salesforce-hyperforce-security-agent/harnesses/claude-code.agent.md +72 -0
- package/agents/salesforce/salesforce-hyperforce-security-agent/harnesses/codex.toml +28 -0
- package/agents/salesforce/salesforce-hyperforce-security-agent/harnesses/copilot.agent.md +72 -0
- package/agents/salesforce/salesforce-hyperforce-security-agent/harnesses/cursor.agent.md +72 -0
- package/agents/salesforce/salesforce-hyperforce-security-agent/harnesses/gemini.agent.md +72 -0
- package/agents/salesforce/salesforce-hyperforce-security-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/salesforce/salesforce-hyperforce-security-agent/harnesses/kiro-ide.agent.md +72 -0
- package/agents/salesforce/salesforce-hyperforce-security-agent/metadata.json +30 -0
- package/agents/salesforce/salesforce-industry-cloud-agent/AGENT.md +125 -0
- package/agents/salesforce/salesforce-industry-cloud-agent/LEAST-PRIVILEGES.md +88 -0
- package/agents/salesforce/salesforce-industry-cloud-agent/harnesses/claude-code.agent.md +80 -0
- package/agents/salesforce/salesforce-industry-cloud-agent/harnesses/codex.toml +41 -0
- package/agents/salesforce/salesforce-industry-cloud-agent/harnesses/copilot.agent.md +80 -0
- package/agents/salesforce/salesforce-industry-cloud-agent/harnesses/cursor.agent.md +80 -0
- package/agents/salesforce/salesforce-industry-cloud-agent/harnesses/gemini.agent.md +80 -0
- package/agents/salesforce/salesforce-industry-cloud-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/salesforce/salesforce-industry-cloud-agent/harnesses/kiro-ide.agent.md +48 -0
- package/agents/salesforce/salesforce-industry-cloud-agent/metadata.json +42 -0
- package/agents/salesforce/salesforce-integration-mulesoft-agent/AGENT.md +115 -0
- package/agents/salesforce/salesforce-integration-mulesoft-agent/LEAST-PRIVILEGES.md +91 -0
- package/agents/salesforce/salesforce-integration-mulesoft-agent/harnesses/claude-code.agent.md +50 -0
- package/agents/salesforce/salesforce-integration-mulesoft-agent/harnesses/codex.toml +35 -0
- package/agents/salesforce/salesforce-integration-mulesoft-agent/harnesses/copilot.agent.md +50 -0
- package/agents/salesforce/salesforce-integration-mulesoft-agent/harnesses/cursor.agent.md +50 -0
- package/agents/salesforce/salesforce-integration-mulesoft-agent/harnesses/gemini.agent.md +50 -0
- package/agents/salesforce/salesforce-integration-mulesoft-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/salesforce/salesforce-integration-mulesoft-agent/harnesses/kiro-ide.agent.md +50 -0
- package/agents/salesforce/salesforce-integration-mulesoft-agent/metadata.json +40 -0
- package/agents/salesforce/salesforce-live-guard-agent/AGENT.md +126 -0
- package/agents/salesforce/salesforce-live-guard-agent/LEAST-PRIVILEGES.md +100 -0
- package/agents/salesforce/salesforce-live-guard-agent/harnesses/claude-code.agent.md +85 -0
- package/agents/salesforce/salesforce-live-guard-agent/harnesses/codex.toml +50 -0
- package/agents/salesforce/salesforce-live-guard-agent/harnesses/copilot.agent.md +85 -0
- package/agents/salesforce/salesforce-live-guard-agent/harnesses/cursor.agent.md +85 -0
- package/agents/salesforce/salesforce-live-guard-agent/harnesses/gemini.agent.md +85 -0
- package/agents/salesforce/salesforce-live-guard-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/salesforce/salesforce-live-guard-agent/harnesses/kiro-ide.agent.md +58 -0
- package/agents/salesforce/salesforce-live-guard-agent/metadata.json +39 -0
- package/agents/salesforce/salesforce-maestro-agent/AGENT.md +77 -0
- package/agents/salesforce/salesforce-maestro-agent/LEAST-PRIVILEGES.md +93 -0
- package/agents/salesforce/salesforce-maestro-agent/README.md +593 -0
- package/agents/salesforce/salesforce-maestro-agent/harnesses/claude-code.agent.md +65 -0
- package/agents/salesforce/salesforce-maestro-agent/harnesses/codex.toml +66 -0
- package/agents/salesforce/salesforce-maestro-agent/harnesses/copilot.agent.md +65 -0
- package/agents/salesforce/salesforce-maestro-agent/harnesses/cursor.agent.md +65 -0
- package/agents/salesforce/salesforce-maestro-agent/harnesses/gemini.agent.md +65 -0
- package/agents/salesforce/salesforce-maestro-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/salesforce/salesforce-maestro-agent/harnesses/kiro-ide.agent.md +65 -0
- package/agents/salesforce/salesforce-maestro-agent/metadata.json +38 -0
- package/agents/salesforce/salesforce-marketing-cloud-agent/AGENT.md +124 -0
- package/agents/salesforce/salesforce-marketing-cloud-agent/LEAST-PRIVILEGES.md +86 -0
- package/agents/salesforce/salesforce-marketing-cloud-agent/harnesses/claude-code.agent.md +78 -0
- package/agents/salesforce/salesforce-marketing-cloud-agent/harnesses/codex.toml +34 -0
- package/agents/salesforce/salesforce-marketing-cloud-agent/harnesses/copilot.agent.md +78 -0
- package/agents/salesforce/salesforce-marketing-cloud-agent/harnesses/cursor.agent.md +78 -0
- package/agents/salesforce/salesforce-marketing-cloud-agent/harnesses/gemini.agent.md +78 -0
- package/agents/salesforce/salesforce-marketing-cloud-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/salesforce/salesforce-marketing-cloud-agent/harnesses/kiro-ide.agent.md +48 -0
- package/agents/salesforce/salesforce-marketing-cloud-agent/metadata.json +41 -0
- package/agents/salesforce/salesforce-network-policy-architect-agent/AGENT.md +113 -0
- package/agents/salesforce/salesforce-network-policy-architect-agent/LEAST-PRIVILEGES.md +87 -0
- package/agents/salesforce/salesforce-network-policy-architect-agent/harnesses/claude-code.agent.md +72 -0
- package/agents/salesforce/salesforce-network-policy-architect-agent/harnesses/codex.toml +28 -0
- package/agents/salesforce/salesforce-network-policy-architect-agent/harnesses/copilot.agent.md +72 -0
- package/agents/salesforce/salesforce-network-policy-architect-agent/harnesses/cursor.agent.md +72 -0
- package/agents/salesforce/salesforce-network-policy-architect-agent/harnesses/gemini.agent.md +72 -0
- package/agents/salesforce/salesforce-network-policy-architect-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/salesforce/salesforce-network-policy-architect-agent/harnesses/kiro-ide.agent.md +72 -0
- package/agents/salesforce/salesforce-network-policy-architect-agent/metadata.json +31 -0
- package/agents/salesforce/salesforce-platform-admin-review-agent/AGENT.md +113 -0
- package/agents/salesforce/salesforce-platform-admin-review-agent/LEAST-PRIVILEGES.md +88 -0
- package/agents/salesforce/salesforce-platform-admin-review-agent/harnesses/claude-code.agent.md +49 -0
- package/agents/salesforce/salesforce-platform-admin-review-agent/harnesses/codex.toml +36 -0
- package/agents/salesforce/salesforce-platform-admin-review-agent/harnesses/copilot.agent.md +49 -0
- package/agents/salesforce/salesforce-platform-admin-review-agent/harnesses/cursor.agent.md +49 -0
- package/agents/salesforce/salesforce-platform-admin-review-agent/harnesses/gemini.agent.md +49 -0
- package/agents/salesforce/salesforce-platform-admin-review-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/salesforce/salesforce-platform-admin-review-agent/harnesses/kiro-ide.agent.md +49 -0
- package/agents/salesforce/salesforce-platform-admin-review-agent/metadata.json +40 -0
- package/agents/salesforce/salesforce-sales-cloud-revenue-agent/AGENT.md +115 -0
- package/agents/salesforce/salesforce-sales-cloud-revenue-agent/LEAST-PRIVILEGES.md +83 -0
- package/agents/salesforce/salesforce-sales-cloud-revenue-agent/harnesses/claude-code.agent.md +50 -0
- package/agents/salesforce/salesforce-sales-cloud-revenue-agent/harnesses/codex.toml +35 -0
- package/agents/salesforce/salesforce-sales-cloud-revenue-agent/harnesses/copilot.agent.md +50 -0
- package/agents/salesforce/salesforce-sales-cloud-revenue-agent/harnesses/cursor.agent.md +50 -0
- package/agents/salesforce/salesforce-sales-cloud-revenue-agent/harnesses/gemini.agent.md +50 -0
- package/agents/salesforce/salesforce-sales-cloud-revenue-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/salesforce/salesforce-sales-cloud-revenue-agent/harnesses/kiro-ide.agent.md +50 -0
- package/agents/salesforce/salesforce-sales-cloud-revenue-agent/metadata.json +40 -0
- package/agents/salesforce/salesforce-sandbox-governance-agent/AGENT.md +120 -0
- package/agents/salesforce/salesforce-sandbox-governance-agent/LEAST-PRIVILEGES.md +80 -0
- package/agents/salesforce/salesforce-sandbox-governance-agent/harnesses/claude-code.agent.md +72 -0
- package/agents/salesforce/salesforce-sandbox-governance-agent/harnesses/codex.toml +30 -0
- package/agents/salesforce/salesforce-sandbox-governance-agent/harnesses/copilot.agent.md +72 -0
- package/agents/salesforce/salesforce-sandbox-governance-agent/harnesses/cursor.agent.md +72 -0
- package/agents/salesforce/salesforce-sandbox-governance-agent/harnesses/gemini.agent.md +72 -0
- package/agents/salesforce/salesforce-sandbox-governance-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/salesforce/salesforce-sandbox-governance-agent/harnesses/kiro-ide.agent.md +72 -0
- package/agents/salesforce/salesforce-sandbox-governance-agent/metadata.json +30 -0
- package/agents/salesforce/salesforce-sandbox-isolation-agent/AGENT.md +113 -0
- package/agents/salesforce/salesforce-sandbox-isolation-agent/LEAST-PRIVILEGES.md +90 -0
- package/agents/salesforce/salesforce-sandbox-isolation-agent/harnesses/claude-code.agent.md +71 -0
- package/agents/salesforce/salesforce-sandbox-isolation-agent/harnesses/codex.toml +28 -0
- package/agents/salesforce/salesforce-sandbox-isolation-agent/harnesses/copilot.agent.md +71 -0
- package/agents/salesforce/salesforce-sandbox-isolation-agent/harnesses/cursor.agent.md +71 -0
- package/agents/salesforce/salesforce-sandbox-isolation-agent/harnesses/gemini.agent.md +71 -0
- package/agents/salesforce/salesforce-sandbox-isolation-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/salesforce/salesforce-sandbox-isolation-agent/harnesses/kiro-ide.agent.md +71 -0
- package/agents/salesforce/salesforce-sandbox-isolation-agent/metadata.json +30 -0
- package/agents/salesforce/salesforce-security-identity-access-agent/AGENT.md +118 -0
- package/agents/salesforce/salesforce-security-identity-access-agent/LEAST-PRIVILEGES.md +85 -0
- package/agents/salesforce/salesforce-security-identity-access-agent/harnesses/claude-code.agent.md +52 -0
- package/agents/salesforce/salesforce-security-identity-access-agent/harnesses/codex.toml +36 -0
- package/agents/salesforce/salesforce-security-identity-access-agent/harnesses/copilot.agent.md +52 -0
- package/agents/salesforce/salesforce-security-identity-access-agent/harnesses/cursor.agent.md +52 -0
- package/agents/salesforce/salesforce-security-identity-access-agent/harnesses/gemini.agent.md +52 -0
- package/agents/salesforce/salesforce-security-identity-access-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/salesforce/salesforce-security-identity-access-agent/harnesses/kiro-ide.agent.md +52 -0
- package/agents/salesforce/salesforce-security-identity-access-agent/metadata.json +40 -0
- package/agents/salesforce/salesforce-service-field-service-agent/AGENT.md +115 -0
- package/agents/salesforce/salesforce-service-field-service-agent/LEAST-PRIVILEGES.md +82 -0
- package/agents/salesforce/salesforce-service-field-service-agent/harnesses/claude-code.agent.md +50 -0
- package/agents/salesforce/salesforce-service-field-service-agent/harnesses/codex.toml +35 -0
- package/agents/salesforce/salesforce-service-field-service-agent/harnesses/copilot.agent.md +50 -0
- package/agents/salesforce/salesforce-service-field-service-agent/harnesses/cursor.agent.md +50 -0
- package/agents/salesforce/salesforce-service-field-service-agent/harnesses/gemini.agent.md +50 -0
- package/agents/salesforce/salesforce-service-field-service-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/salesforce/salesforce-service-field-service-agent/harnesses/kiro-ide.agent.md +50 -0
- package/agents/salesforce/salesforce-service-field-service-agent/metadata.json +40 -0
- package/agents/salesforce/salesforce-session-governance-agent/AGENT.md +116 -0
- package/agents/salesforce/salesforce-session-governance-agent/LEAST-PRIVILEGES.md +91 -0
- package/agents/salesforce/salesforce-session-governance-agent/harnesses/claude-code.agent.md +74 -0
- package/agents/salesforce/salesforce-session-governance-agent/harnesses/codex.toml +28 -0
- package/agents/salesforce/salesforce-session-governance-agent/harnesses/copilot.agent.md +74 -0
- package/agents/salesforce/salesforce-session-governance-agent/harnesses/cursor.agent.md +74 -0
- package/agents/salesforce/salesforce-session-governance-agent/harnesses/gemini.agent.md +74 -0
- package/agents/salesforce/salesforce-session-governance-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/salesforce/salesforce-session-governance-agent/harnesses/kiro-ide.agent.md +74 -0
- package/agents/salesforce/salesforce-session-governance-agent/metadata.json +30 -0
- package/agents/salesforce/salesforce-slack-collaboration-agent/AGENT.md +123 -0
- package/agents/salesforce/salesforce-slack-collaboration-agent/LEAST-PRIVILEGES.md +86 -0
- package/agents/salesforce/salesforce-slack-collaboration-agent/harnesses/claude-code.agent.md +79 -0
- package/agents/salesforce/salesforce-slack-collaboration-agent/harnesses/codex.toml +35 -0
- package/agents/salesforce/salesforce-slack-collaboration-agent/harnesses/copilot.agent.md +79 -0
- package/agents/salesforce/salesforce-slack-collaboration-agent/harnesses/cursor.agent.md +79 -0
- package/agents/salesforce/salesforce-slack-collaboration-agent/harnesses/gemini.agent.md +79 -0
- package/agents/salesforce/salesforce-slack-collaboration-agent/harnesses/kiro-cli.agent.json +5 -0
- package/agents/salesforce/salesforce-slack-collaboration-agent/harnesses/kiro-ide.agent.md +48 -0
- package/agents/salesforce/salesforce-slack-collaboration-agent/metadata.json +41 -0
- package/assets/logos/cloud/salesforce/salesforce.svg +34 -0
- package/catalog/agents.json +1451 -283
- package/catalog/asset-integrity.json +2152 -327
- package/catalog/install-roles.json +68 -0
- package/catalog/skill-manifest.json +1040 -155
- package/catalog/skills.json +1242 -262
- package/package.json +3 -2
- package/plugins/vanguard-frontier-agentic/.codex-plugin/plugin.json +1 -1
- package/powers/vanguard-salesforce/POWER.md +42 -0
- package/schemas/agent.schema.json +2 -1
- package/schemas/skill.frontmatter.schema.json +33 -3
- package/schemas/skill.schema.json +2 -1
- package/scripts/export-marketplace-agents.mjs +17 -1
- package/scripts/generate-kiro-powers.mjs +12 -0
- package/scripts/release-prepare.mjs +35 -0
- package/skills/aws/aws-agentcore/references/official-sources.md +19 -19
- package/skills/aws/aws-generative-ai-developer/references/official-sources.md +10 -10
- package/skills/azure/azure-ai-foundry-ops-governor/references/workflow-and-output.md +2 -2
- package/skills/azure/azure-aks-platform-operator/references/workflow-and-output.md +1 -1
- package/skills/azure/azure-app-service-production-readiness/references/workflow-and-output.md +1 -1
- package/skills/azure/azure-cosmosdb-application-developer/references/official-sources.md +11 -11
- package/skills/azure/azure-cosmosdb-performance-investigator/references/official-sources.md +11 -11
- package/skills/azure/azure-cosmosdb-platform-operator/references/official-sources.md +10 -10
- package/skills/azure/azure-cost-estimation-review/references/workflow-and-output.md +1 -1
- package/skills/azure/azure-cost-optimization-governor/references/workflow-and-output.md +1 -1
- package/skills/azure/azure-entra-id-specialist/references/official-sources.md +28 -28
- package/skills/azure/azure-identity-governance-review/references/official-sources.md +11 -11
- package/skills/azure/azure-identity-governance-review/references/workflow-and-output.md +1 -1
- package/skills/azure/azure-key-vault-secret-lifecycle-auditor/references/workflow-and-output.md +1 -1
- package/skills/azure/azure-migrate-landing-zone-cutover/references/workflow-and-output.md +1 -1
- package/skills/azure/azure-platform-automation-devops/references/workflow-and-output.md +1 -1
- package/skills/azure/azure-private-endpoint-adoption-planner/references/workflow-and-output.md +1 -1
- package/skills/azure/azure-resource-health-incident-triage/references/workflow-and-output.md +6 -6
- package/skills/azure/azure-subscription-resource-organization/references/workflow-and-output.md +1 -1
- package/skills/cross-functional/salesforce-case-capsule/SKILL.md +164 -0
- package/skills/cross-functional/salesforce-case-capsule/metadata.json +19 -0
- package/skills/cross-functional/salesforce-data-exposure-escalation-protocol/SKILL.md +165 -0
- package/skills/cross-functional/salesforce-data-exposure-escalation-protocol/metadata.json +19 -0
- package/skills/cross-functional/salesforce-live-change-approval-protocol/SKILL.md +118 -0
- package/skills/cross-functional/salesforce-live-change-approval-protocol/metadata.json +19 -0
- package/skills/cross-functional/salesforce-risk-taxonomy/SKILL.md +162 -0
- package/skills/cross-functional/salesforce-risk-taxonomy/metadata.json +19 -0
- package/skills/cross-functional/salesforce-routing-protocol/SKILL.md +159 -0
- package/skills/cross-functional/salesforce-routing-protocol/metadata.json +19 -0
- package/skills/dotnet/dotnet-aspnetcore-api-review/SKILL.md +1 -1
- package/skills/dotnet/dotnet-aspnetcore-api-review/references/workflow-and-output.md +2 -2
- package/skills/dotnet/dotnet-csharp-runtime-review/SKILL.md +2 -2
- package/skills/dotnet/dotnet-csharp-runtime-review/references/workflow-and-output.md +7 -7
- package/skills/dotnet/dotnet-efcore-data-access-review/SKILL.md +4 -4
- package/skills/dotnet/dotnet-efcore-data-access-review/references/workflow-and-output.md +3 -3
- package/skills/dotnet/dotnet-performance-aot-review/references/workflow-and-output.md +1 -1
- package/skills/dotnet/dotnet-testing-quality-review/SKILL.md +1 -1
- package/skills/dotnet/dotnet-testing-quality-review/references/workflow-and-output.md +2 -2
- package/skills/finops/focus-spec-normalizer/references/focus-columns.md +2 -2
- package/skills/gcp/gcp-alloydb-ai-developer/SKILL.md +1 -1
- package/skills/gcp/gcp-gemini-api-developer/SKILL.md +2 -2
- package/skills/nvidia/nvidia-model-promotion-gatekeeper/SKILL.md +1 -1
- package/skills/nvidia/nvidia-model-promotion-gatekeeper/references/allowlist-commands.md +1 -1
- package/skills/oci/oci-compute-platform-operator/SKILL.md +0 -2
- package/skills/oci/oci-cost-finops-analyst/SKILL.md +0 -2
- package/skills/oci/oci-database-platform-dba/SKILL.md +0 -2
- package/skills/oci/oci-devops-container-platform-engineer/SKILL.md +0 -2
- package/skills/oci/oci-identity-access-governor/SKILL.md +0 -2
- package/skills/oci/oci-multi-cloud-architect/SKILL.md +0 -2
- package/skills/oci/oci-network-architect/SKILL.md +0 -2
- package/skills/oci/oci-observability-incident-responder/SKILL.md +0 -2
- package/skills/oci/oci-security-compliance-reviewer/SKILL.md +0 -2
- package/skills/oci/oci-solution-architect/SKILL.md +1 -3
- package/skills/oci/oci-storage-backup-steward/SKILL.md +0 -2
- package/skills/prometheus/prometheus-alerting-cardinality-review/SKILL.md +1 -1
- package/skills/prometheus/prometheus-alerting-cardinality-review/references/workflow-and-output.md +4 -4
- package/skills/qa/ci-test-pipeline-review/references/workflow-and-output.md +1 -1
- package/skills/qa/llm-ai-pipeline-test-review/references/workflow-and-output.md +1 -1
- package/skills/qa/playwright-e2e-suite-review/SKILL.md +4 -4
- package/skills/qa/playwright-e2e-suite-review/references/workflow-and-output.md +12 -12
- package/skills/qa/plc-control-logic-safety-review/references/workflow-and-output.md +2 -2
- package/skills/qa/test-coverage-quality-review/SKILL.md +1 -1
- package/skills/qa/test-coverage-quality-review/references/workflow-and-output.md +8 -8
- package/skills/qa/test-flakiness-triage/SKILL.md +1 -1
- package/skills/qa/test-flakiness-triage/references/workflow-and-output.md +1 -1
- package/skills/salesforce/README.md +117 -0
- package/skills/salesforce/salesforce-agentforce-risk-review-skill/SKILL.md +206 -0
- package/skills/salesforce/salesforce-agentforce-risk-review-skill/metadata.json +18 -0
- package/skills/salesforce/salesforce-agentforce-risk-review-skill/references/action-safety-matrix.md +160 -0
- package/skills/salesforce/salesforce-agentforce-risk-review-skill/references/agentforce-anti-patterns.md +193 -0
- package/skills/salesforce/salesforce-agentforce-risk-review-skill/references/grounding-source-evaluation.md +162 -0
- package/skills/salesforce/salesforce-agentforce-stdm-observer-skill/SKILL.md +557 -0
- package/skills/salesforce/salesforce-agentforce-stdm-observer-skill/metadata.json +41 -0
- package/skills/salesforce/salesforce-agentforce-stdm-observer-skill/references/observability-rubric.md +219 -0
- package/skills/salesforce/salesforce-agentforce-stdm-observer-skill/references/privacy-redaction.md +240 -0
- package/skills/salesforce/salesforce-agentforce-stdm-observer-skill/references/stdm-queries.md +436 -0
- package/skills/salesforce/salesforce-apex-generator-skill/SKILL.md +307 -0
- package/skills/salesforce/salesforce-apex-generator-skill/metadata.json +30 -0
- package/skills/salesforce/salesforce-apex-generator-skill/references/apex-patterns.md +224 -0
- package/skills/salesforce/salesforce-apex-generator-skill/references/governor-limits.md +175 -0
- package/skills/salesforce/salesforce-apex-generator-skill/references/security-defaults.md +155 -0
- package/skills/salesforce/salesforce-apex-log-analyzer-skill/SKILL.md +360 -0
- package/skills/salesforce/salesforce-apex-log-analyzer-skill/metadata.json +38 -0
- package/skills/salesforce/salesforce-apex-log-analyzer-skill/references/governor-limit-signatures.md +174 -0
- package/skills/salesforce/salesforce-apex-log-analyzer-skill/references/log-format-reference.md +154 -0
- package/skills/salesforce/salesforce-apex-log-analyzer-skill/references/redaction-rules.md +178 -0
- package/skills/salesforce/salesforce-apex-lwc-code-review-skill/SKILL.md +195 -0
- package/skills/salesforce/salesforce-apex-lwc-code-review-skill/metadata.json +18 -0
- package/skills/salesforce/salesforce-apex-lwc-code-review-skill/references/apex-anti-patterns.md +270 -0
- package/skills/salesforce/salesforce-apex-lwc-code-review-skill/references/governor-limits-reference.md +198 -0
- package/skills/salesforce/salesforce-apex-lwc-code-review-skill/references/lwc-security.md +206 -0
- package/skills/salesforce/salesforce-apex-test-generator-skill/SKILL.md +274 -0
- package/skills/salesforce/salesforce-apex-test-generator-skill/metadata.json +29 -0
- package/skills/salesforce/salesforce-apex-test-generator-skill/references/assertion-patterns.md +174 -0
- package/skills/salesforce/salesforce-apex-test-generator-skill/references/async-testing.md +217 -0
- package/skills/salesforce/salesforce-apex-test-generator-skill/references/test-data-factory.md +174 -0
- package/skills/salesforce/salesforce-apex-test-runner-skill/SKILL.md +344 -0
- package/skills/salesforce/salesforce-apex-test-runner-skill/metadata.json +37 -0
- package/skills/salesforce/salesforce-apex-test-runner-skill/references/cli-commands.md +162 -0
- package/skills/salesforce/salesforce-apex-test-runner-skill/references/coverage-analysis.md +107 -0
- package/skills/salesforce/salesforce-apex-test-runner-skill/references/failure-diagnosis.md +187 -0
- package/skills/salesforce/salesforce-bulk-data-ops-skill/SKILL.md +356 -0
- package/skills/salesforce/salesforce-bulk-data-ops-skill/metadata.json +29 -0
- package/skills/salesforce/salesforce-bulk-data-ops-skill/references/anonymous-apex-patterns.md +380 -0
- package/skills/salesforce/salesforce-bulk-data-ops-skill/references/data-loader-templates.md +209 -0
- package/skills/salesforce/salesforce-bulk-data-ops-skill/references/rollback-strategy.md +209 -0
- package/skills/salesforce/salesforce-deployment-validator-skill/SKILL.md +380 -0
- package/skills/salesforce/salesforce-deployment-validator-skill/metadata.json +37 -0
- package/skills/salesforce/salesforce-deployment-validator-skill/references/cli-commands.md +264 -0
- package/skills/salesforce/salesforce-deployment-validator-skill/references/production-refusal-rules.md +243 -0
- package/skills/salesforce/salesforce-deployment-validator-skill/references/test-selection-strategy.md +250 -0
- package/skills/salesforce/salesforce-devsecops-pipeline-skill/SKILL.md +195 -0
- package/skills/salesforce/salesforce-devsecops-pipeline-skill/metadata.json +19 -0
- package/skills/salesforce/salesforce-devsecops-pipeline-skill/references/change-impact-categories.md +216 -0
- package/skills/salesforce/salesforce-devsecops-pipeline-skill/references/sandbox-masking-strategy.md +193 -0
- package/skills/salesforce/salesforce-devsecops-pipeline-skill/references/sca-rule-catalog.md +226 -0
- package/skills/salesforce/salesforce-field-mapping-skill/SKILL.md +348 -0
- package/skills/salesforce/salesforce-field-mapping-skill/metadata.json +29 -0
- package/skills/salesforce/salesforce-field-mapping-skill/references/api-name-normalization.md +141 -0
- package/skills/salesforce/salesforce-field-mapping-skill/references/picklist-value-mapping.md +245 -0
- package/skills/salesforce/salesforce-field-mapping-skill/references/type-mismatch-detection.md +187 -0
- package/skills/salesforce/salesforce-flow-automation-review-skill/SKILL.md +163 -0
- package/skills/salesforce/salesforce-flow-automation-review-skill/metadata.json +18 -0
- package/skills/salesforce/salesforce-flow-automation-review-skill/references/automation-conflict-matrix.md +193 -0
- package/skills/salesforce/salesforce-flow-automation-review-skill/references/fault-path-design.md +189 -0
- package/skills/salesforce/salesforce-flow-automation-review-skill/references/flow-anti-patterns.md +211 -0
- package/skills/salesforce/salesforce-flow-debugger-skill/SKILL.md +355 -0
- package/skills/salesforce/salesforce-flow-debugger-skill/metadata.json +35 -0
- package/skills/salesforce/salesforce-flow-debugger-skill/references/fault-path-design.md +175 -0
- package/skills/salesforce/salesforce-flow-debugger-skill/references/flow-error-patterns.md +247 -0
- package/skills/salesforce/salesforce-flow-debugger-skill/references/interview-log-redaction.md +171 -0
- package/skills/salesforce/salesforce-infrastructure-audit-skill/SKILL.md +137 -0
- package/skills/salesforce/salesforce-infrastructure-audit-skill/metadata.json +19 -0
- package/skills/salesforce/salesforce-infrastructure-audit-skill/references/hyperforce-deployment-controls.md +181 -0
- package/skills/salesforce/salesforce-infrastructure-audit-skill/references/network-policy-reference.md +200 -0
- package/skills/salesforce/salesforce-infrastructure-audit-skill/references/session-policy-reference.md +219 -0
- package/skills/salesforce/salesforce-integration-review-skill/SKILL.md +186 -0
- package/skills/salesforce/salesforce-integration-review-skill/metadata.json +18 -0
- package/skills/salesforce/salesforce-integration-review-skill/references/integration-anti-patterns.md +280 -0
- package/skills/salesforce/salesforce-integration-review-skill/references/integration-pattern-reference.md +239 -0
- package/skills/salesforce/salesforce-integration-review-skill/references/named-credential-design.md +211 -0
- package/skills/salesforce/salesforce-marketing-consent-review-skill/SKILL.md +204 -0
- package/skills/salesforce/salesforce-marketing-consent-review-skill/metadata.json +18 -0
- package/skills/salesforce/salesforce-marketing-consent-review-skill/references/consent-anti-patterns.md +247 -0
- package/skills/salesforce/salesforce-marketing-consent-review-skill/references/consent-model-reference.md +205 -0
- package/skills/salesforce/salesforce-marketing-consent-review-skill/references/regulatory-mapping.md +192 -0
- package/skills/salesforce/salesforce-metadata-fetcher-skill/SKILL.md +418 -0
- package/skills/salesforce/salesforce-metadata-fetcher-skill/metadata.json +50 -0
- package/skills/salesforce/salesforce-metadata-fetcher-skill/references/cli-commands.md +347 -0
- package/skills/salesforce/salesforce-metadata-fetcher-skill/references/delegation-routing.md +416 -0
- package/skills/salesforce/salesforce-metadata-fetcher-skill/references/sanitization-rules.md +392 -0
- package/skills/salesforce/salesforce-metadata-review-skill/SKILL.md +148 -0
- package/skills/salesforce/salesforce-metadata-review-skill/metadata.json +18 -0
- package/skills/salesforce/salesforce-metadata-review-skill/references/deprecated-metadata.md +217 -0
- package/skills/salesforce/salesforce-metadata-review-skill/references/field-hygiene-rules.md +182 -0
- package/skills/salesforce/salesforce-metadata-review-skill/references/object-design-patterns.md +187 -0
- package/skills/salesforce/salesforce-org-assessment-skill/SKILL.md +137 -0
- package/skills/salesforce/salesforce-org-assessment-skill/metadata.json +18 -0
- package/skills/salesforce/salesforce-org-assessment-skill/references/assessment-rubric.md +228 -0
- package/skills/salesforce/salesforce-org-assessment-skill/references/risk-register-template.md +211 -0
- package/skills/salesforce/salesforce-org-assessment-skill/references/tech-debt-indicators.md +252 -0
- package/skills/salesforce/salesforce-permission-model-review-skill/SKILL.md +165 -0
- package/skills/salesforce/salesforce-permission-model-review-skill/metadata.json +18 -0
- package/skills/salesforce/salesforce-permission-model-review-skill/references/fls-review-patterns.md +235 -0
- package/skills/salesforce/salesforce-permission-model-review-skill/references/permission-set-strategy.md +203 -0
- package/skills/salesforce/salesforce-permission-model-review-skill/references/toxic-combinations.md +228 -0
- package/skills/salesforce/salesforce-release-readiness-skill/SKILL.md +185 -0
- package/skills/salesforce/salesforce-release-readiness-skill/metadata.json +18 -0
- package/skills/salesforce/salesforce-release-readiness-skill/references/release-checklist.md +191 -0
- package/skills/salesforce/salesforce-release-readiness-skill/references/rollback-strategy.md +234 -0
- package/skills/salesforce/salesforce-release-readiness-skill/references/test-coverage-strategy.md +314 -0
- package/skills/salesforce/salesforce-soql-explorer-skill/SKILL.md +391 -0
- package/skills/salesforce/salesforce-soql-explorer-skill/metadata.json +35 -0
- package/skills/salesforce/salesforce-soql-explorer-skill/references/cli-commands.md +266 -0
- package/skills/salesforce/salesforce-soql-explorer-skill/references/least-privilege-scope.md +224 -0
- package/skills/salesforce/salesforce-soql-explorer-skill/references/safe-query-patterns.md +317 -0
- package/skills/salesforce/salesforce-soql-generator-skill/SKILL.md +305 -0
- package/skills/salesforce/salesforce-soql-generator-skill/metadata.json +25 -0
- package/skills/salesforce/salesforce-soql-generator-skill/references/common-patterns.md +293 -0
- package/skills/salesforce/salesforce-soql-generator-skill/references/governor-limits.md +171 -0
- package/skills/salesforce/salesforce-soql-generator-skill/references/soql-syntax-quickref.md +255 -0
- package/skills/salesforce/salesforce-validation-rule-writer-skill/SKILL.md +329 -0
- package/skills/salesforce/salesforce-validation-rule-writer-skill/metadata.json +28 -0
- package/skills/salesforce/salesforce-validation-rule-writer-skill/references/error-message-style.md +132 -0
- package/skills/salesforce/salesforce-validation-rule-writer-skill/references/formula-syntax-quickref.md +182 -0
- package/skills/salesforce/salesforce-validation-rule-writer-skill/references/validation-patterns.md +214 -0
- package/skills/salesforce/salesforce-zero-trust-maturity-skill/SKILL.md +164 -0
- package/skills/salesforce/salesforce-zero-trust-maturity-skill/metadata.json +19 -0
- package/skills/salesforce/salesforce-zero-trust-maturity-skill/references/continuous-verification-patterns.md +209 -0
- package/skills/salesforce/salesforce-zero-trust-maturity-skill/references/maturity-scoring-rubric.md +179 -0
- package/skills/salesforce/salesforce-zero-trust-maturity-skill/references/nist-zta-pillars.md +194 -0
- package/tests/fixtures/salesforce-maestro-routing/expected/001-happy-platform-admin-review.json +6 -0
- package/tests/fixtures/salesforce-maestro-routing/expected/002-happy-business-analyst.json +6 -0
- package/tests/fixtures/salesforce-maestro-routing/expected/003-happy-app-builder-automation.json +6 -0
- package/tests/fixtures/salesforce-maestro-routing/expected/004-happy-development.json +6 -0
- package/tests/fixtures/salesforce-maestro-routing/expected/005-happy-devops-release.json +6 -0
- package/tests/fixtures/salesforce-maestro-routing/expected/006-happy-security-identity-access.json +6 -0
- package/tests/fixtures/salesforce-maestro-routing/expected/007-happy-data-architecture.json +6 -0
- package/tests/fixtures/salesforce-maestro-routing/expected/008-happy-integration-mulesoft.json +6 -0
- package/tests/fixtures/salesforce-maestro-routing/expected/009-happy-sales-cloud-revenue.json +6 -0
- package/tests/fixtures/salesforce-maestro-routing/expected/010-happy-marketing-cloud.json +6 -0
- package/tests/fixtures/salesforce-maestro-routing/expected/011-happy-agentforce-ai.json +6 -0
- package/tests/fixtures/salesforce-maestro-routing/expected/012-happy-analytics-tableau.json +6 -0
- package/tests/fixtures/salesforce-maestro-routing/expected/013-happy-compliance-privacy.json +6 -0
- package/tests/fixtures/salesforce-maestro-routing/expected/014-happy-network-policy-architect.json +6 -0
- package/tests/fixtures/salesforce-maestro-routing/expected/015-happy-hyperforce-security.json +6 -0
- package/tests/fixtures/salesforce-maestro-routing/expected/016-happy-sandbox-isolation.json +6 -0
- package/tests/fixtures/salesforce-maestro-routing/expected/017-happy-session-governance.json +6 -0
- package/tests/fixtures/salesforce-maestro-routing/expected/018-happy-continuous-verification.json +6 -0
- package/tests/fixtures/salesforce-maestro-routing/expected/019-happy-certificate-lifecycle.json +6 -0
- package/tests/fixtures/salesforce-maestro-routing/expected/020-happy-adaptive-access.json +6 -0
- package/tests/fixtures/salesforce-maestro-routing/expected/021-happy-code-analyzer-orchestrator.json +6 -0
- package/tests/fixtures/salesforce-maestro-routing/expected/022-happy-sandbox-governance.json +6 -0
- package/tests/fixtures/salesforce-maestro-routing/expected/023-happy-change-impact-analyst.json +6 -0
- package/tests/fixtures/salesforce-maestro-routing/expected/adv-ambiguous.json +4 -0
- package/tests/fixtures/salesforce-maestro-routing/expected/adv-instruction-injection.json +6 -0
- package/tests/fixtures/salesforce-maestro-routing/expected/adv-liveguard-01-live-org-deploy-guard.json +6 -0
- package/tests/fixtures/salesforce-maestro-routing/expected/adv-liveguard-02-live-mass-delete-guard.json +6 -0
- package/tests/fixtures/salesforce-maestro-routing/expected/adv-liveguard-03-live-release-to-prod-guard.json +6 -0
- package/tests/fixtures/salesforce-maestro-routing/expected/adv-persona-replacement.json +6 -0
- package/tests/fixtures/salesforce-maestro-routing/expected/adv-secrets-bait.json +6 -0
- package/tests/fixtures/salesforce-maestro-routing/inputs/001-happy-platform-admin-review.json +7 -0
- package/tests/fixtures/salesforce-maestro-routing/inputs/002-happy-business-analyst.json +7 -0
- package/tests/fixtures/salesforce-maestro-routing/inputs/003-happy-app-builder-automation.json +7 -0
- package/tests/fixtures/salesforce-maestro-routing/inputs/004-happy-development.json +7 -0
- package/tests/fixtures/salesforce-maestro-routing/inputs/005-happy-devops-release.json +7 -0
- package/tests/fixtures/salesforce-maestro-routing/inputs/006-happy-security-identity-access.json +7 -0
- package/tests/fixtures/salesforce-maestro-routing/inputs/007-happy-data-architecture.json +7 -0
- package/tests/fixtures/salesforce-maestro-routing/inputs/008-happy-integration-mulesoft.json +7 -0
- package/tests/fixtures/salesforce-maestro-routing/inputs/009-happy-sales-cloud-revenue.json +7 -0
- package/tests/fixtures/salesforce-maestro-routing/inputs/010-happy-marketing-cloud.json +7 -0
- package/tests/fixtures/salesforce-maestro-routing/inputs/011-happy-agentforce-ai.json +7 -0
- package/tests/fixtures/salesforce-maestro-routing/inputs/012-happy-analytics-tableau.json +7 -0
- package/tests/fixtures/salesforce-maestro-routing/inputs/013-happy-compliance-privacy.json +7 -0
- package/tests/fixtures/salesforce-maestro-routing/inputs/014-happy-network-policy-architect.json +7 -0
- package/tests/fixtures/salesforce-maestro-routing/inputs/015-happy-hyperforce-security.json +7 -0
- package/tests/fixtures/salesforce-maestro-routing/inputs/016-happy-sandbox-isolation.json +7 -0
- package/tests/fixtures/salesforce-maestro-routing/inputs/017-happy-session-governance.json +7 -0
- package/tests/fixtures/salesforce-maestro-routing/inputs/018-happy-continuous-verification.json +7 -0
- package/tests/fixtures/salesforce-maestro-routing/inputs/019-happy-certificate-lifecycle.json +7 -0
- package/tests/fixtures/salesforce-maestro-routing/inputs/020-happy-adaptive-access.json +7 -0
- package/tests/fixtures/salesforce-maestro-routing/inputs/021-happy-code-analyzer-orchestrator.json +7 -0
- package/tests/fixtures/salesforce-maestro-routing/inputs/022-happy-sandbox-governance.json +7 -0
- package/tests/fixtures/salesforce-maestro-routing/inputs/023-happy-change-impact-analyst.json +7 -0
- package/tests/fixtures/salesforce-maestro-routing/inputs/adv-ambiguous.json +7 -0
- package/tests/fixtures/salesforce-maestro-routing/inputs/adv-instruction-injection.json +7 -0
- package/tests/fixtures/salesforce-maestro-routing/inputs/adv-liveguard-01-live-org-deploy-guard.json +7 -0
- package/tests/fixtures/salesforce-maestro-routing/inputs/adv-liveguard-02-live-mass-delete-guard.json +7 -0
- package/tests/fixtures/salesforce-maestro-routing/inputs/adv-liveguard-03-live-release-to-prod-guard.json +7 -0
- package/tests/fixtures/salesforce-maestro-routing/inputs/adv-persona-replacement.json +7 -0
- package/tests/fixtures/salesforce-maestro-routing/inputs/adv-secrets-bait.json +7 -0
- package/tests/fixtures/salesforce-maestro-routing/taxonomy.json +371 -0
- package/tests/test-vfa-export-coverage.test.mjs +8 -4
- package/tests/validate-catalog.py +12 -1
- package/tests/validate-plugin-manifest.py +11 -1
package/skills/salesforce/salesforce-devsecops-pipeline-skill/references/sandbox-masking-strategy.md
ADDED
|
@@ -0,0 +1,193 @@
|
|
|
1
|
+
# Sandbox Masking Strategy Reference
|
|
2
|
+
|
|
3
|
+
Guidelines for data masking in Salesforce sandboxes to protect PII, PHI, and
|
|
4
|
+
regulated data when refreshing from production.
|
|
5
|
+
|
|
6
|
+
---
|
|
7
|
+
|
|
8
|
+
## Why Masking Is Required
|
|
9
|
+
|
|
10
|
+
Sandbox environments are used by developers, QA engineers, ISV partners, and
|
|
11
|
+
consultants who typically should not access production customer data. Without
|
|
12
|
+
masking:
|
|
13
|
+
|
|
14
|
+
- PII violations under GDPR, CCPA, HIPAA, and similar regulations.
|
|
15
|
+
- Breach notification obligations if sandbox data is exposed.
|
|
16
|
+
- SOC 2 Type II non-conformance in access control controls.
|
|
17
|
+
|
|
18
|
+
Salesforce Sandbox Data Masking
|
|
19
|
+
is a licensed add-on product
|
|
20
|
+
(part of Salesforce Shield or available separately) that automates masking
|
|
21
|
+
during sandbox refresh. Orgs without the add-on must implement a post-refresh
|
|
22
|
+
masking flow.
|
|
23
|
+
|
|
24
|
+
---
|
|
25
|
+
|
|
26
|
+
## Classify Data Before Masking
|
|
27
|
+
|
|
28
|
+
### Classification Tiers
|
|
29
|
+
|
|
30
|
+
| Tier | Description | Masking Requirement |
|
|
31
|
+
|------|-------------|---------------------|
|
|
32
|
+
| Public | No restriction | Not required |
|
|
33
|
+
| Internal | Business-sensitive, no regulatory constraint | Pseudonymization recommended |
|
|
34
|
+
| Confidential | PII (name + email + phone when combined) | Mask or anonymize |
|
|
35
|
+
| Restricted | Financial data, account numbers, SSN/NI | Must mask or delete |
|
|
36
|
+
| Regulated | PHI (HIPAA), SPI (CCPA), special categories (GDPR) | Must mask; prefer deletion |
|
|
37
|
+
|
|
38
|
+
### Common Salesforce Fields by Tier
|
|
39
|
+
|
|
40
|
+
| Object | Field | Classification |
|
|
41
|
+
|--------|-------|----------------|
|
|
42
|
+
| Contact | Email | Confidential |
|
|
43
|
+
| Contact | Phone, MobilePhone | Confidential |
|
|
44
|
+
| Contact | MailingStreet + MailingCity | Confidential (combined) |
|
|
45
|
+
| Contact | SSN__c (custom) | Restricted |
|
|
46
|
+
| Account | BillingAddress | Internal |
|
|
47
|
+
| Lead | Email, Phone | Confidential |
|
|
48
|
+
| Individual | IndividualId | Restricted |
|
|
49
|
+
| HealthCloudGA__EhrPatient__c | All fields | Regulated (PHI) |
|
|
50
|
+
| FinServ__FinancialAccount__c | FinServ__Balance__c | Restricted |
|
|
51
|
+
|
|
52
|
+
---
|
|
53
|
+
|
|
54
|
+
## Masking Techniques
|
|
55
|
+
|
|
56
|
+
### 1. Deterministic Pseudonymization
|
|
57
|
+
|
|
58
|
+
Replace PII with a consistent synthetic value derived from a hash. Same input
|
|
59
|
+
always produces the same synthetic output, allowing relational integrity to be
|
|
60
|
+
maintained (foreign key lookups still work).
|
|
61
|
+
|
|
62
|
+
```apex
|
|
63
|
+
// Example: SHA-256-based email pseudonymization
|
|
64
|
+
public static String pseudonymizeEmail(String realEmail, String salt) {
|
|
65
|
+
Blob hash = Crypto.generateDigest('SHA-256',
|
|
66
|
+
Blob.valueOf(salt + realEmail.toLowerCase));
|
|
67
|
+
String hex = EncodingUtil.convertToHex(hash).left(12);
|
|
68
|
+
return hex + '@masked.example.com';
|
|
69
|
+
}
|
|
70
|
+
```
|
|
71
|
+
|
|
72
|
+
Use this when sandbox tests require consistent email across related records
|
|
73
|
+
(e.g., Contact.Email and Case.SuppliedEmail must match).
|
|
74
|
+
|
|
75
|
+
### 2. Randomization
|
|
76
|
+
|
|
77
|
+
Replace values with random synthetic data. Breaks relational integrity but is
|
|
78
|
+
simpler and sufficient for fields not used as join keys.
|
|
79
|
+
|
|
80
|
+
```apex
|
|
81
|
+
public static String randomEmail {
|
|
82
|
+
String chars = 'abcdefghijklmnopqrstuvwxyz0123456789';
|
|
83
|
+
String localPart = '';
|
|
84
|
+
for (Integer i = 0; i < 8; i++) {
|
|
85
|
+
localPart += chars.charAt((Integer)(Math.random * chars.length));
|
|
86
|
+
}
|
|
87
|
+
return localPart + '@example-masked.org';
|
|
88
|
+
}
|
|
89
|
+
|
|
90
|
+
public static String randomPhone {
|
|
91
|
+
// Format: +1-555-RANDOM where RANDOM is 7 digits
|
|
92
|
+
Integer suffix = (Integer)(Math.random * 9000000) + 1000000;
|
|
93
|
+
return '+1-555-' + String.valueOf(suffix);
|
|
94
|
+
}
|
|
95
|
+
```
|
|
96
|
+
|
|
97
|
+
### 3. Nullification (Field Blanking)
|
|
98
|
+
|
|
99
|
+
Set sensitive fields to null. Simplest approach; use for fields that are not
|
|
100
|
+
required by sandbox tests.
|
|
101
|
+
|
|
102
|
+
```apex
|
|
103
|
+
List<Contact> contacts = [SELECT Id, SSN__c, CreditCardNumber__c FROM Contact LIMIT 10000];
|
|
104
|
+
for (Contact c : contacts) {
|
|
105
|
+
c.SSN__c = null;
|
|
106
|
+
c.CreditCardNumber__c = null;
|
|
107
|
+
}
|
|
108
|
+
Database.update(contacts, false);
|
|
109
|
+
```
|
|
110
|
+
|
|
111
|
+
### 4. Value Substitution with Realistic Patterns
|
|
112
|
+
|
|
113
|
+
Replace with realistic-looking but clearly fake data, useful for UI testing.
|
|
114
|
+
|
|
115
|
+
```apex
|
|
116
|
+
// Names from a fixed list clearly labeled as fake
|
|
117
|
+
static final List<String> FAKE_FIRST_NAMES = new List<String>{
|
|
118
|
+
'TestFirst', 'SampleFirst', 'DemoFirst', 'FakeFirst'
|
|
119
|
+
};
|
|
120
|
+
static final List<String> FAKE_LAST_NAMES = new List<String>{
|
|
121
|
+
'TestLast', 'SampleUser', 'DemoContact', 'MaskedRecord'
|
|
122
|
+
};
|
|
123
|
+
```
|
|
124
|
+
|
|
125
|
+
---
|
|
126
|
+
|
|
127
|
+
## Regulated-Vertical Considerations
|
|
128
|
+
|
|
129
|
+
### Healthcare (HIPAA)
|
|
130
|
+
|
|
131
|
+
HIPAA Safe Harbor requires 18 specific identifiers to be removed or masked:
|
|
132
|
+
- Names, geographic data below state level, all date elements (except year),
|
|
133
|
+
phone, fax, email, SSN, account numbers, license numbers, VINs, device
|
|
134
|
+
identifiers, URLs, IPs, biometric identifiers, full-face photos, and any
|
|
135
|
+
other unique identifying numbers.
|
|
136
|
+
|
|
137
|
+
In Salesforce Health Cloud
|
|
138
|
+
:
|
|
139
|
+
- `HealthCloudGA__EhrPatient__c` — delete all records or use fully synthetic patients.
|
|
140
|
+
- `HealthCloudGA__ClinicalEncounter__c` — delete or replace with synthetic.
|
|
141
|
+
- Custom PHI fields on standard objects — apply nullification or pseudonymization.
|
|
142
|
+
|
|
143
|
+
### Financial Services (GLBA / PCI-DSS)
|
|
144
|
+
|
|
145
|
+
- `FinServ__FinancialAccount__c`.`FinServ__Balance__c` — randomize to non-zero
|
|
146
|
+
dummy values (zero balances may cause test logic failures).
|
|
147
|
+
- Payment card data must NEVER appear in sandbox. Salesforce org-level
|
|
148
|
+
encryption and payment masking add-ons should prevent this from flowing in.
|
|
149
|
+
|
|
150
|
+
### GDPR / CCPA
|
|
151
|
+
|
|
152
|
+
Data subject rights requests apply to sandbox data if the sandbox contains
|
|
153
|
+
identifiable individuals. Masking eliminates this obligation for the sandbox.
|
|
154
|
+
|
|
155
|
+
---
|
|
156
|
+
|
|
157
|
+
## Post-Refresh Masking Execution Pattern
|
|
158
|
+
|
|
159
|
+
```
|
|
160
|
+
1. Sandbox refresh completes (new sandbox copy of production).
|
|
161
|
+
2. System Administrator runs masking Apex batch before granting access to sandbox.
|
|
162
|
+
3. Masking batch processes records in chunks of 200.
|
|
163
|
+
4. Masking audit record created: timestamp, operator, object counts masked.
|
|
164
|
+
5. Access granted to sandbox users only after masking audit record is created.
|
|
165
|
+
```
|
|
166
|
+
|
|
167
|
+
### Masking Sequence (dependency order)
|
|
168
|
+
|
|
169
|
+
Mask in this order to avoid foreign key constraint issues:
|
|
170
|
+
|
|
171
|
+
1. `Individual` object (master PII record)
|
|
172
|
+
2. `Contact` (linked to Individual)
|
|
173
|
+
3. `Lead`
|
|
174
|
+
4. `User` (non-system-admin users)
|
|
175
|
+
5. `Case` (SuppliedEmail, SuppliedName)
|
|
176
|
+
6. `CaseComment` (CommentBody may contain PII)
|
|
177
|
+
7. Custom regulated objects
|
|
178
|
+
|
|
179
|
+
---
|
|
180
|
+
|
|
181
|
+
## Sandbox Masking Checklist
|
|
182
|
+
|
|
183
|
+
- [ ] All production-refresh sandboxes have a masking job configured.
|
|
184
|
+
- [ ] Masking job runs automatically on refresh via Automation tool or manual
|
|
185
|
+
post-refresh runbook.
|
|
186
|
+
- [ ] Sandbox access is blocked (login disabled or IP restricted) until masking
|
|
187
|
+
job completes.
|
|
188
|
+
- [ ] Custom PII fields on standard objects are included in masking scope.
|
|
189
|
+
- [ ] External connected app credentials stored in Auth. Providers are rotated
|
|
190
|
+
post-refresh (they are copied from production but should not be active in sandbox).
|
|
191
|
+
- [ ] Outbound email is disabled in sandbox (Setup > Deliverability: System Email
|
|
192
|
+
Only) to prevent real emails reaching real customers.
|
|
193
|
+
- [ ] Named Credential endpoints are pointed to sandbox/mock counterparts.
|
|
@@ -0,0 +1,226 @@
|
|
|
1
|
+
# SCA Rule Catalog Reference
|
|
2
|
+
|
|
3
|
+
Static code analysis rules for Apex (PMD), Lightning Web Components (ESLint),
|
|
4
|
+
and JavaScript dependency scanning (RetireJS / npm audit) in Salesforce DevSecOps pipelines.
|
|
5
|
+
|
|
6
|
+
---
|
|
7
|
+
|
|
8
|
+
## PMD Rules for Apex
|
|
9
|
+
|
|
10
|
+
PMD is the standard static analysis tool for Apex. Rules are organized by
|
|
11
|
+
severity. The Salesforce DX CLI plugin `@salesforce/plugin-code-analyzer`
|
|
12
|
+
wraps PMD and can run these checks in pipeline steps.
|
|
13
|
+
|
|
14
|
+
### Critical Rules (block merge)
|
|
15
|
+
|
|
16
|
+
| Rule | Category | What It Catches |
|
|
17
|
+
|------|----------|----------------|
|
|
18
|
+
| `AvoidDmlStatementsInLoops` | Performance | DML inside for/while loops |
|
|
19
|
+
| `AvoidSoqlInLoops` | Performance | SOQL inside for/while loops |
|
|
20
|
+
| `ApexCRUDViolation` | Security | Missing object/field CRUD checks before DML |
|
|
21
|
+
| `ApexSharingViolations` | Security | Classes without `with sharing` declaration |
|
|
22
|
+
| `ApexSOQLInjection` | Security | Dynamic SOQL concatenation with user input |
|
|
23
|
+
| `ApexXSSFromURLParam` | Security | URL parameter inserted into page output |
|
|
24
|
+
| `ApexOpenRedirect` | Security | User-controlled redirect targets |
|
|
25
|
+
|
|
26
|
+
### High Rules (flag for review)
|
|
27
|
+
|
|
28
|
+
| Rule | Category | What It Catches |
|
|
29
|
+
|------|----------|----------------|
|
|
30
|
+
| `AvoidGlobalModifier` | Best Practice | Global scope on classes/methods |
|
|
31
|
+
| `ExcessiveClassLength` | Design | Classes > 1000 lines |
|
|
32
|
+
| `ExcessiveMethodLength` | Design | Methods > 100 lines |
|
|
33
|
+
| `CyclomaticComplexity` | Design | Complexity > 10 in a method |
|
|
34
|
+
| `NcssMethodCount` | Design | Non-comment source statements > 40 |
|
|
35
|
+
| `EmptyCatchBlock` | Error Prone | `catch(Exception e) {}` swallows errors |
|
|
36
|
+
| `EmptyStatementBlock` | Error Prone | Empty if/try/catch blocks |
|
|
37
|
+
| `AvoidHardcodingId` | Best Practice | 15/18-char Salesforce IDs in code |
|
|
38
|
+
| `UnusedLocalVariable` | Best Practice | Variables declared but never read |
|
|
39
|
+
| `OperationWithLimitsInLoop` | Performance | Limits checks inside loops |
|
|
40
|
+
|
|
41
|
+
### Medium Rules (advisory)
|
|
42
|
+
|
|
43
|
+
| Rule | Category | What It Catches |
|
|
44
|
+
|------|----------|----------------|
|
|
45
|
+
| `DebugsShouldUseLoggingLevel` | Best Practice | `System.debug` without LoggingLevel |
|
|
46
|
+
| `ApexDoc` | Documentation | Public methods without ApexDoc comments |
|
|
47
|
+
| `OneDeclarationPerLine` | Code Style | Multiple variable declarations on one line |
|
|
48
|
+
| `FieldDeclarationsShouldBeAtStart` | Code Style | Fields declared mid-class |
|
|
49
|
+
|
|
50
|
+
### Running PMD in CI
|
|
51
|
+
|
|
52
|
+
```bash
|
|
53
|
+
# Salesforce Code Analyzer CLI plugin
|
|
54
|
+
sf scanner run \
|
|
55
|
+
--target "force-app/main/default/classes/**/*.cls" \
|
|
56
|
+
--engine pmd \
|
|
57
|
+
--ruleset "category/apex/security.xml,category/apex/performance.xml" \
|
|
58
|
+
--severity-threshold 2 \
|
|
59
|
+
--format csv \
|
|
60
|
+
--outfile scan-results.csv
|
|
61
|
+
|
|
62
|
+
# Exit code > 0 if violations at or above threshold
|
|
63
|
+
```
|
|
64
|
+
|
|
65
|
+
Custom ruleset XML for project-specific exclusions:
|
|
66
|
+
```xml
|
|
67
|
+
<?xml version="1.0" encoding="UTF-8"?>
|
|
68
|
+
<ruleset name="Project Custom Ruleset"
|
|
69
|
+
xmlns="http://pmd.sourceforge.net/ruleset/2.0.0">
|
|
70
|
+
<description>Project-specific PMD configuration</description>
|
|
71
|
+
<rule ref="category/apex/security.xml">
|
|
72
|
+
<exclude name="ApexSuggestUsingNamedCredential"/> <!-- named creds not yet available -->
|
|
73
|
+
</rule>
|
|
74
|
+
<rule ref="category/apex/performance.xml"/>
|
|
75
|
+
</ruleset>
|
|
76
|
+
```
|
|
77
|
+
|
|
78
|
+
---
|
|
79
|
+
|
|
80
|
+
## ESLint Rules for LWC
|
|
81
|
+
|
|
82
|
+
The `@salesforce/eslint-config-lwc`
|
|
83
|
+
package provides recommended rules.
|
|
84
|
+
|
|
85
|
+
### Security-Critical ESLint Rules
|
|
86
|
+
|
|
87
|
+
| Rule | Severity | What It Catches |
|
|
88
|
+
|------|----------|----------------|
|
|
89
|
+
| `no-eval` | Error | Dynamic code execution via `eval` |
|
|
90
|
+
| `no-implied-eval` | Error | `setTimeout('string')` patterns |
|
|
91
|
+
| `no-inner-declarations` | Error | Functions declared inside blocks |
|
|
92
|
+
| `@locker/locker/distorted-xml-http-request-never-use-inner-html` | Error | XSS via innerHTML |
|
|
93
|
+
| `@salesforce/lwc/no-document-query` | Error | `document.querySelector` bypassing shadow DOM |
|
|
94
|
+
|
|
95
|
+
### LWC-Specific Rules
|
|
96
|
+
|
|
97
|
+
| Rule | Severity | What It Catches |
|
|
98
|
+
|------|----------|----------------|
|
|
99
|
+
| `@salesforce/lwc/no-api-reassignments` | Error | Mutating `@api` properties directly |
|
|
100
|
+
| `@salesforce/lwc/no-deprecated` | Warning | Deprecated LWC APIs |
|
|
101
|
+
| `@salesforce/lwc/no-leading-uppercase-api-name` | Error | API naming violations |
|
|
102
|
+
| `@salesforce/lwc/no-template-children` | Error | Accessing `this.template.children` |
|
|
103
|
+
| `@salesforce/lwc/consistent-component-name` | Warning | File name / class name mismatch |
|
|
104
|
+
|
|
105
|
+
### ESLint Configuration (`.eslintrc.json`)
|
|
106
|
+
|
|
107
|
+
```json
|
|
108
|
+
{
|
|
109
|
+
"extends": ["@salesforce/eslint-config-lwc/recommended"],
|
|
110
|
+
"rules": {
|
|
111
|
+
"no-eval": "error",
|
|
112
|
+
"no-implied-eval": "error",
|
|
113
|
+
"@salesforce/lwc/no-document-query": "error"
|
|
114
|
+
},
|
|
115
|
+
"overrides": [
|
|
116
|
+
{
|
|
117
|
+
"files": ["**/__tests__/**"],
|
|
118
|
+
"rules": {
|
|
119
|
+
"@salesforce/lwc/no-document-query": "off"
|
|
120
|
+
}
|
|
121
|
+
}
|
|
122
|
+
]
|
|
123
|
+
}
|
|
124
|
+
```
|
|
125
|
+
|
|
126
|
+
### Running ESLint in CI
|
|
127
|
+
|
|
128
|
+
```bash
|
|
129
|
+
# Install
|
|
130
|
+
npm install --save-dev @salesforce/eslint-config-lwc
|
|
131
|
+
|
|
132
|
+
# Run
|
|
133
|
+
npx eslint force-app/main/default/lwc \
|
|
134
|
+
--ext .js \
|
|
135
|
+
--format json \
|
|
136
|
+
--output-file eslint-results.json
|
|
137
|
+
|
|
138
|
+
# Non-zero exit if errors found
|
|
139
|
+
```
|
|
140
|
+
|
|
141
|
+
---
|
|
142
|
+
|
|
143
|
+
## RetireJS / npm audit CVE Patterns
|
|
144
|
+
|
|
145
|
+
### RetireJS
|
|
146
|
+
|
|
147
|
+
RetireJS scans JavaScript files and `package.json` for known vulnerable
|
|
148
|
+
library versions by comparing against a CVE database.
|
|
149
|
+
|
|
150
|
+
```bash
|
|
151
|
+
# Install
|
|
152
|
+
npm install -g retire
|
|
153
|
+
|
|
154
|
+
# Scan a project
|
|
155
|
+
retire --path force-app/main/default/staticresources \
|
|
156
|
+
--outputformat json \
|
|
157
|
+
--outputpath retire-results.json \
|
|
158
|
+
--severity medium # fail on medium and above
|
|
159
|
+
```
|
|
160
|
+
|
|
161
|
+
Common vulnerable patterns found in Salesforce static resources:
|
|
162
|
+
|
|
163
|
+
| Library | Common Issue | Safe Version Floor |
|
|
164
|
+
|---------|-------------|-------------------|
|
|
165
|
+
| jQuery | `$.parseHTML` XSS, `$` selector injection | >= 3.5.0 |
|
|
166
|
+
| Moment.js | ReDoS in `moment.format` | >= 2.29.4 (or migrate to Luxon) |
|
|
167
|
+
| Handlebars.js | Prototype pollution | >= 4.7.7 |
|
|
168
|
+
| Lodash | Prototype pollution via `merge`/`defaultsDeep` | >= 4.17.21 |
|
|
169
|
+
| Underscore.js | Prototype pollution | >= 1.13.0 |
|
|
170
|
+
|
|
171
|
+
### npm audit
|
|
172
|
+
|
|
173
|
+
```bash
|
|
174
|
+
# For projects with package.json (e.g., SFDX project tools, Jest setup)
|
|
175
|
+
npm audit --audit-level=moderate --json > npm-audit-results.json
|
|
176
|
+
|
|
177
|
+
# Fail CI pipeline on high/critical
|
|
178
|
+
npm audit --audit-level=high
|
|
179
|
+
```
|
|
180
|
+
|
|
181
|
+
---
|
|
182
|
+
|
|
183
|
+
## Pipeline Integration Reference
|
|
184
|
+
|
|
185
|
+
### GitHub Actions example
|
|
186
|
+
|
|
187
|
+
```yaml
|
|
188
|
+
name: SCA Gate
|
|
189
|
+
on: [pull_request]
|
|
190
|
+
jobs:
|
|
191
|
+
sca:
|
|
192
|
+
runs-on: ubuntu-latest
|
|
193
|
+
steps:
|
|
194
|
+
- uses: actions/checkout@v4
|
|
195
|
+
- name: Setup Node
|
|
196
|
+
uses: actions/setup-node@v4
|
|
197
|
+
with:
|
|
198
|
+
node-version: '20'
|
|
199
|
+
- name: Install Salesforce CLI
|
|
200
|
+
run: npm install -g @salesforce/cli
|
|
201
|
+
- name: Install Code Analyzer
|
|
202
|
+
run: sf plugins install @salesforce/plugin-code-analyzer
|
|
203
|
+
- name: Run PMD
|
|
204
|
+
run: |
|
|
205
|
+
sf scanner run \
|
|
206
|
+
--target "force-app/**/*.cls" \
|
|
207
|
+
--engine pmd \
|
|
208
|
+
--severity-threshold 2 \
|
|
209
|
+
--format github-actions
|
|
210
|
+
- name: Run ESLint
|
|
211
|
+
run: |
|
|
212
|
+
npm ci
|
|
213
|
+
npx eslint force-app/main/default/lwc --ext .js
|
|
214
|
+
- name: RetireJS
|
|
215
|
+
run: |
|
|
216
|
+
npm install -g retire
|
|
217
|
+
retire --path force-app/main/default/staticresources --severity high
|
|
218
|
+
```
|
|
219
|
+
|
|
220
|
+
### Severity Threshold Guidance
|
|
221
|
+
|
|
222
|
+
| Pipeline Stage | Recommended Threshold |
|
|
223
|
+
|---------------|----------------------|
|
|
224
|
+
| Pull Request (feature branch) | Fail on Critical; Warn on High |
|
|
225
|
+
| Merge to main/develop | Fail on Critical and High |
|
|
226
|
+
| Production deployment | Fail on Critical, High, and Medium |
|