AgentforceMCP
by Mohit-Harsh
Overview
Integrates Model Context Protocol (MCP) clients and REST API applications with Salesforce Agentforce Agents.
Installation
npx -y @mohitharsh/agentforcemcp --username <your-username> --password <your-password> --securityToken <your-security-token> --agentName <agent-api-name>Environment Variables
- UNAME
- PASSWORD
- SECURITY_TOKEN
- CLIENT_ID
- CLIENT_SECRET
- DOMAIN_URL
Security Notes
The `src/streamable-http-agent-api/server.py` implementation exposes sensitive Salesforce Connected App credentials (`clientId`, `clientSecret`, `domainUrl`) via HTTP headers, which is a critical security risk as these can be intercepted or easily discovered. The `src/streamable-http-oauth/server.py` contains a `CustomTokenVerifier` that bypasses proper JWT verification for incoming tokens, effectively accepting any token as long as it is present, which significantly weakens the authentication mechanism of the MCP server. Additionally, the `src/stdio/server.py` and `npm-package/server.py` implementations (when run via `npx`) pass Salesforce credentials (`username`, `password`, `securityToken`, `agentName`) directly as command-line arguments, posing a risk of exposure via process listings (`ps -ef`) or command history.
Similar Servers
mcpo
Exposes Model Context Protocol (MCP) tools as OpenAPI-compatible HTTP servers.
mcpstore
Orchestrate Microservice Context Protocol (MCP) services and adapt them for integration with various AI frameworks like LangChain, managing tools and their lifecycle.
AgentChat
An AI Agent platform for building, deploying, and managing AI assistants that integrate various tools, Large Language Models (LLMs), knowledge bases (RAG), and Model Context Protocol (MCP) servers.
MCP-Agent
An autonomous AI agent designed to discover, connect to, and utilize tools and resources from various Model Context Protocol (MCP) servers to accomplish tasks.