The Agent Skills Directory

[SAFE]: The skill prioritizes modern Salesforce security by enforcing the use of Enhanced Named Credentials (API 61+) and External Credentials, ensuring authentication tokens and API keys are stored securely on the platform rather than in code.
[SAFE]: Automation scripts like 'configure-named-credential.sh' and 'set-api-credential.sh' use secure prompt methods (hidden terminal input) when collecting API keys, preventing sensitive data from appearing in the shell history.
[COMMAND_EXECUTION]: The skill leverages the official Salesforce CLI ('sf') for legitimate project tasks, including metadata deployment and executing administrative Apex code in the user's authenticated environment.
[DYNAMIC_EXECUTION]: The credential automation logic dynamically generates and runs temporary Apex scripts to store credentials via the Salesforce 'ConnectApi'. This is a controlled process limited to the user's local context and intended for administrative automation.
[SAFE]: The skill includes an internal validation hook ('validate_integration.py') that scans the developer's work for security risks such as hardcoded passwords, insecure HTTP requests, and lack of error handling.

sf-integration