ibm-salesforce-context
Verified Safeby trevSmart
Overview
This server provides a Model Context Protocol (MCP) interface to Salesforce organizations, enabling AI agents to interact with Salesforce data and metadata through a suite of specialized tools for development, administration, and data management tasks.
Installation
npx ibm-salesforce-contextEnvironment Variables
- DEV_SF_ORG_CLIENT_ID
- DEV_SF_ORG_CLIENT_SECRET
- DEV_SF_ORG_CLIENT_USERNAME
- DEV_SF_ORG_CLIENT_PASSWORD
- GITHUB_TOKEN
- PASSWORD
- MCP_ALLOWED_ORIGINS
- MCP_HTTP_PORT
- NODE_ENV
- VITEST
- SF_MCP_AGENTFORCE_AGENT_ID
- LOG_LEVEL
- STRICT_SSL
- TELEMETRY_ENABLED
- TELEMETRY_ENDPOINT
- TELEMETRY_TIMEOUT
- DEV_MCP_REPORT_ISSUE_DRY_RUN
- WORKSPACE_FOLDER_PATHS
- DISABLE_ELICITATION
Security Notes
The server extensively uses Zod for input validation and `shellQuote.quote` for sanitizing commands sent to the Salesforce CLI, mitigating injection risks. Sensitive information like tokens and passwords are expected from environment variables and are redacted in logs. User confirmation (`elicitation`) is implemented for destructive operations. The project's active secret scanning is a positive indicator. Potential risks include the inherent power of direct Salesforce CLI command execution if not strictly controlled within tool handlers, and the use of Playwright for audit trail download which introduces browser-related attack surface.
Similar Servers
kubernetes-mcp-server
Facilitates AI agent interaction with Kubernetes and OpenShift clusters by exposing management and observability tools via the Model Context Protocol.
mcp
The MCP Server for Salesforce facilitates seamless interaction between large language models (LLMs) and Salesforce orgs, providing a robust set of tools for common development and administrative tasks. This includes static code analysis for performance/security antipatterns, metadata deployment/retrieval, org management, SOQL queries, Apex/Agent testing, and DevOps workflows like work item management and conflict resolution.
deploystack
Centralized management and optimization of Model Context Protocol (MCP) servers and AI agent tools, including credential management and governance.
context-engine
Provides an agent-agnostic local context engine via Model Context Protocol (MCP) for coding agents, enabling semantic search, planning, code review, and prompt enhancement with AI integration.