sf-security-constraints
Community
Prevent data leaks and XSS in Salesforce code
Author: jiten-singh-shahi
Version: 1.0.0
Installs: 0
System Documentation
What problem does it solve?
Enforces security rules to prevent unauthorized data access, injection vulnerabilities, and client-side XSS in Salesforce code by ensuring correct CRUD/FLS checks, sharing context, safe SOQL usage, and proper encoding.
Core Features & Use Cases
- Automated security guidance for reviews: Identifies missing CRUD/FLS enforcement, improper or undocumented sharing keywords, SOQL injection risks, and unsafe client-side rendering patterns.
- Concrete remediation patterns: Recommends use of bind variables, WITH USER_MODE / AccessLevel.USER_MODE, Security.stripInaccessible(), and encoding strategies for Visualforce and LWC.
- Governance and documentation: Requires documented justification for any without sharing usage and calls out hardcoded credentials or sensitive logging during development and deployments.
Quick Start
Run the security constraints check during development or code review on any Apex class, trigger, LWC component, or Visualforce page to surface missing CRUD/FLS, sharing, injection, and XSS issues.
Dependency Matrix
Required Modules
None required
Components
Standard package
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill:
Name: sf-security-constraints
Download link: https://github.com/jiten-singh-shahi/salesforce-claude-code/archive/main.zip#sf-security-constraints
Please download this .zip file, extract it, and install it in the .claude/skills/ directory.