sfskills-mcp
Provides tools for querying Salesforce metadata (Apex classes, triggers, LWC bundles, custom fields, objects, validation rules, permission sets, named credentials, approvals, orgs), executing SOQL, searching skills/agents/templates/decision trees, and routing tasks to agents via a live-org MCP server.
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@sfskills-mcpshow me the decision tree for async integrations"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
SfSkills — Salesforce AI Skill Library
The universal Salesforce knowledge layer for AI coding assistants.
Drop this into Claude Code, Cursor, Aider, Windsurf, or any AI tool and get role-accurate, source-grounded Salesforce guidance — for every role, every cloud, every task.
1003 skills · 75 agents · shared Apex/LWC/Flow templates · golden evals · live-org MCP server.
1097+ skills planned across 5 roles × 16 clouds. Live progress: docs/queue-progress.md.
What Makes This Different
Three layers that turn generic LLMs into Salesforce-literate agents:
Skills (
skills/<domain>/<skill>/) — 1003 structured guides. Every skill carries source-grounded instructions, code examples, gotchas, WAF mapping, and a per-skill list of LLM anti-patterns the model must refuse to produce.Shared canon — One set of reusable building blocks the skills all point at, so the AI never reinvents them:
templates/→ TriggerHandler, ApplicationLogger, SecurityUtils, HttpClient, TestDataFactory, LWC skeleton, Flow fault paths, Agentforce actions.standards/decision-trees/→ Routing for automation, async, integration, and sharing decisions — agents consult these before writing code.evals/→ Golden P0 cases for flagship skills. Output quality is testable, not vibes-based.
Live-org MCP server (
mcp/sfskills-mcp/) — 38 tools across skill / agent / template / decision-tree search + retrieval, live-org metadata + SOQL (Apex classes / triggers, LWC bundles, custom fields, objects, validation rules, permission sets, named credentials, approvals, orgs), 5 probes (Apex refs, Flow refs, matching rules, permset shape, automation graph) with progress notifications, task-to-agent routing (suggest_agent),healthdiagnostic, atomic envelope persistence. Plus 68 MCP prompts (everycommands/*.mdwrapper —/refactor-apex,/audit-router, …) and 5 MCP resource shapes (sfskills://catalog,sfskills://skill/{id},sfskills://agent/{name},sfskills://decision-tree/{name},sfskills://template/{path}). Every tool carries honest annotations (readOnlyHint,destructiveHint,openWorldHint,idempotentHint) so MCP-aware clients can auto-approve safely. An AI agent reads this library and asks your actual org "does this already exist?" via yoursfCLI auth. No secrets handled in-process. Jump to setup ↓
Related MCP server: Salesforce Metadata-Aware RAG MCP
Who This Is For
Role | What you get |
Admin | Step-by-step configuration guides, FLS checklists, automation decision trees |
BA | Requirements templates, UAT scripts, process mapping frameworks |
Developer | Apex patterns with test classes, LWC component scaffolds, Flow best practices |
Data | Migration runbooks, SOQL optimization, Bulk API patterns, LDV strategies |
Architect | Decision frameworks, WAF reviews, scalability planning, ADR templates |
Supported AI Tools
Tool | Setup | Slash commands in |
Claude Code | Clone + open. Works automatically via | ✅ Auto — |
Cursor |
| ✅ Yes (Wave 11) |
Windsurf |
| ✅ Yes (as Cascade workflows; 12 KB cap per file) |
Augment |
| ✅ Yes (Wave 11) |
Codex CLI |
| ✅ Yes (as |
Aider |
| ❌ Aider doesn't support custom slash; index embedded in CONVENTIONS.md |
Any LLM | Copy any | — |
Live-org validation (Wave 9)
Every probe, agent, and skill in this repo is verified against a live Salesforce org via three automated harnesses:
Layer 1 — Probe SOQL correctness (every SOQL query executes against a real org)
Layer 2 — Agent smoke tests (47/47 active runtime agents pass structural + dependency checks)
Layer 3 — Skill factuality sampling (200-skill sample, 0 fabricated field references)
Re-runnable on any dev/scratch org:
python3 scripts/validate_probes_against_org.py --target-org <alias>
python3 scripts/smoke_test_agents.py --target-org <alias>
python3 scripts/validate_skill_factuality.py --target-org <alias> --sample 200Reports land in docs/validation/. See docs/validation/README.md for what each layer catches.
Installing just one agent (not the whole library)
If you only need a specific agent in another project (e.g. user-access-diff):
python3 scripts/export_agent_bundle.py --agent user-access-diff --rewrite-paths --out ./my-export
# Drop ./my-export/user-access-diff/ into .cursor/agents/ or .claude/agents/The bundle carries the AGENT.md plus every probe, skill, template, and shared doc it needs — with paths auto-rewritten to resolve inside the bundle. See docs/installing-single-agents.md.
5-Minute Setup
# 1. Clone
git clone https://github.com/PranavNagrecha/AwesomeSalesforceSkills.git
cd AwesomeSalesforceSkills
# 2. Install dependencies
python3 -m pip install -r requirements.txt
# 3a. Claude Code — works automatically via CLAUDE.md. Just open the repo.
# 3b. Cursor / Windsurf / Aider / Augment — export and copy:
python3 scripts/export_skills.py --platform cursor # or windsurf | aider | augment | all
cp -r exports/cursor/.cursor/ /path/to/your/sf-project/
# 4. Search what's in the library
python3 scripts/search_knowledge.py "trigger recursion"
python3 scripts/search_knowledge.py "permission sets" --domain adminWant your AI to see your actual org too? Install the MCP server below.
What a Skill Looks Like
Every skill is a structured guide an AI follows end-to-end. Example for apex/trigger-framework:
trigger-framework/
├── SKILL.md ← the AI's instructions: modes, gather questions, step-by-step
├── references/
│ ├── examples.md ← real code examples with test classes
│ ├── gotchas.md ← non-obvious platform behaviors
│ └── well-architected.md ← WAF pillar mapping + official sources
├── templates/
│ └── trigger-framework-template.md ← deployable scaffold
└── scripts/
└── check_trigger.py ← local validator (stdlib only, no pip)Skills are plain markdown. They work in any AI tool that can read a file.
Shared Templates
Canonical, copy-pasteable Salesforce building blocks live under templates/:
templates/
├── apex/ TriggerHandler, TriggerControl, BaseDomain/Service/Selector,
│ ApplicationLogger, SecurityUtils, HttpClient
├── apex/tests/ TestDataFactory, TestRecordBuilder, MockHttpResponseGenerator,
│ TestUserFactory, BulkTestPattern
├── apex/cmdt/ Trigger_Setting__mdt, Logger_Setting__mdt
├── apex/custom_objects/ Application_Log__c (+ fields)
├── lwc/ jest.config.js, component-skeleton/ (bundle + tests),
│ patterns/ (wire, imperative, LDS form)
├── flow/ RecordTriggered_Skeleton, FaultPath_Template, Subflow_Pattern
└── agentforce/ AgentSkeleton.json, AgentActionSkeleton.cls, AgentTopic_Template.mdEvery skill in this repo references these canonical files instead of re-inventing scaffolds. AI tools reading the skills get one consistent implementation of each Salesforce idiom — testable, version-pinned, and deployable.
Drop the files you need into your SFDX project under force-app/main/default/
and rename. See templates/README.md for the layout
and dependency order.
Covered Skills
Domain | Skills |
Admin | 252 — custom fields, objects, picklists, users, org setup, page layouts, permission sets, sharing, validation rules, flows, reports, data skew, requirements gathering, Experience Cloud site setup, member management, CMS content, guest access, moderation, SEO, portal requirements, self-service design, partner community, community engagement, CPQ product catalog and bundles, CPQ pricing rules, CPQ quote templates, FSL work orders, service territories, resource management, scheduling policies, mobile app setup, Health Cloud patient setup, care plan configuration, care program management, FSC financial accounts, household model configuration, FSC referral management, NPSP household accounts, gift entry and processing, soft credits and matching, recurring donations, Marketing Cloud Engagement setup, MCAE/Pardot setup, Email Studio, Journey Builder, Marketing Cloud Connect, MCAE lead scoring and grading, consent management, email deliverability, B2B Commerce store setup, CRM Analytics app creation, analytics dashboard design, integration-admin connected apps, remote site settings, outbound message setup, integration user management, change data capture admin... |
Apex | 149 — trigger framework, batch, async, security patterns, callouts, mocking, platform cache, SOQL fundamentals, sf CLI and SFDX essentials, Metadata API and package.xml, debug logs and Developer Console, apex managed sharing, scheduled jobs, email services, fflib enterprise patterns, mixed DML and setup objects, record locking, callout-DML transaction boundaries, trigger-flow coexistence, apex performance profiling, JSON serialization, DML patterns, collections patterns, aggregate queries, SOQL relationship queries, batch chaining, transaction finalizers, wrapper class patterns, limits monitoring, named credentials patterns... |
LWC | 79 — wire service, component communication, testing, accessibility, offline, performance, toast and notifications, dynamic components, imperative Apex, message channel patterns, LWR site development, Experience Cloud LWC components, authentication flows, headless CMS API, API access patterns, search customization, multi-IdP SSO... |
Flow | 60 — record-triggered, screen flows, fault handling, bulkification, subflows, governance, debugging, auto-launched flow patterns, collection processing, External Services callouts, Flow for Slack Core Actions, flow action framework, flow large-data-volume patterns, Process Builder to Flow migration, Workflow Rule to Flow migration... |
OmniStudio | 34 — OmniScript design, DataRaptor, Integration Procedures, security, FlexCard design patterns, calculation procedures, DataPack deployment, performance optimization, Industries CPQ vs Salesforce CPQ, OmniStudio testing patterns, OmniStudio CI/CD patterns... |
Agentforce | 51 — agent actions, topic design, Einstein Trust Layer, agent creation, Einstein Copilot for Sales, Einstein Prediction Builder, Einstein Copilot for Service, Model Builder and BYOLLM, RAG patterns, agent testing and evaluation, persona design, MCP tool definition in Apex, Salesforce MCP server setup... |
Security | 48 — org hardening, permission set groups, Shield Platform Encryption, event monitoring, field audit trail, transaction security policies, login forensics, network security and trusted IPs, sandbox data masking, API security and rate limiting, experience cloud security, FERPA compliance, MFA enforcement strategy, OAuth token management... |
Integration | 61 — GraphQL, OAuth flows, Salesforce Connect, REST API patterns, SOAP API patterns, named credentials, Streaming API and PushTopic, platform events integration, Change Data Capture for external subscribers, callout limits and async patterns, file and document integration, idempotent integration patterns, Data Cloud Ingestion API streaming vs bulk, Pub/Sub API gRPC patterns, Revenue Lifecycle Management DRO, Loyalty Management setup, Slack Salesforce integration setup, Data Cloud query API, Data Cloud activation development, Data Cloud integration strategy, Bulk API 2.0 patterns, Slack Workflow Builder... |
Data | 97 — multi-currency, SOSL, rollup alternatives, data model design patterns, data migration planning, data quality and governance, bulk API and large data loads, data archival strategies, SOQL query optimization, service data archival, external user data sharing, community user migration, community analytics, partner data access patterns, volunteer management requirements, NPSP gift history import, B2B Commerce product catalog migration, Order Management order history migration, OCI inventory data, Data Cloud DMO identity resolution, Data Cloud consent and privacy, Revenue Cloud data model... |
Architect | 104 — solution design patterns, limits and scalability planning, multi-org strategy, technical debt assessment, well-architected review, platform selection guidance, security architecture review, Experience Cloud licensing model, multi-site architecture, headless vs LWR vs Aura decision framework, Experience Cloud performance and CDN, Experience Cloud integration patterns (SSO, widgets, Data Cloud), MuleSoft Anypoint Platform runtime model selection, large-data-volume architecture, Data Cloud vs CRM Analytics decision... |
DevOps | 68 — scratch org management, sandbox refresh and templates, unlocked package development, second-generation managed packages, DevOps Center pipeline, GitHub Actions for Salesforce, post-deployment validation, deployment error troubleshooting, rollback and hotfix strategy, pre-deployment checklist, go-live cutover planning, VS Code extensions, SFDX project structure, multi-package development, API version management, 1GP managed package development, CPQ deployment patterns, Salesforce CLI automation, code review checklist... |
See the full catalog: docs/SKILLS.md
Using Skills in Practice
Ask your AI to use a specific skill
"Use the trigger-framework skill to build an Account trigger handler"
"Follow the batch-apex-patterns skill to review this batch class"
"Apply the permission-set-architecture skill to this org assessment"Let the AI find the right skill
"My trigger is firing twice on the same record update"
→ AI searches, finds recursive-trigger-prevention skill, applies it
"Why can't my user see the field even though they have object access?"
→ AI searches, finds soql-security + permission-set-architecture, applies bothSearch skills yourself
python3 scripts/search_knowledge.py "my flow is hitting limits"
python3 scripts/search_knowledge.py "callout timeout" --domain integration
python3 scripts/search_knowledge.py "data skew performance" --domain dataRequest a Missing Skill
Three ways:
Run the /request-skill command — Ask the AI to follow commands/request-skill.md. It asks 4 questions, checks existing coverage, and adds an entry to BACKLOG.yaml.
Add directly to the queue — Append an entry to BACKLOG.yaml:
- id: your-skill-name
status: TODO
skill: your-skill-name
domain: <domain>
summary: "What it does. NOT for what it doesn't cover."
history: []Open a GitHub issue — Title: [Skill Request] <domain>: <skill-name>. Describe the use case, the role, and which cloud it applies to.
Contribute a Skill
See CONTRIBUTING.md for the full workflow.
The short version:
# 1. Check it doesn't already exist (lexical + semantic)
python3 scripts/search_knowledge.py "<your topic>"
python3 scripts/audit_duplicates.py --domain <domain> # full pairwise
# 2. Scaffold it (--strict refuses to create near-duplicates)
python3 scripts/new_skill.py <domain> <skill-name> --strict
# 3. Fill every TODO in the generated files
# — Reference templates/ for any Apex/LWC/Flow scaffolds (don't inline your own)
# — Cite standards/decision-trees/ if your skill recommends a technology
# 4. Sync and validate
python3 scripts/skill_sync.py --skill skills/<domain>/<skill-name>
python3 scripts/validate_repo.py
python3 evals/scripts/run_evals.py --structure # if you added a golden eval
# 5. Open a PREvery skill must pass three gates before merging:
Structural gate —
validate_repo.pyexits 0. The full list of gates with file:line links lives instandards/validation-gates.md(generated).Canon gate — scaffolds reference
templates/; technology choices citestandards/decision-trees/; any@InvocableMethodor agent action usestemplates/agentforce/AgentActionSkeleton.clsas the base shapeQuality gate —
standards/skill-content-contract.md(source grounding, content depth, agent usability, contradiction check, freshness) plusreferences/llm-anti-patterns.mdpopulated with real failure modes for that skill. The semantic-duplicate check fires as a WARN; reviewdocs/reports/duplicate-candidates.mdbefore merging if the WARN names your new skill.
Flagship skills additionally carry a golden eval under evals/golden/ with 3+ P0 cases.
Update an Existing Skill
Found something wrong? Source changed? Platform behavior updated?
# Edit the skill files
# Then:
python3 scripts/skill_sync.py --skill skills/<domain>/<skill-name>
python3 scripts/validate_repo.py
# Open a PR with what changed and whyOr tell the AI:
"The trigger-framework skill is missing guidance for the new Flow-triggered Apex pattern in Spring '25"The Currency Monitor agent will handle it if you flag it during a release cycle.
Standards and Rules
File | What it defines |
| Canonical workflow rules for agents and contributors |
| Claude Code-specific instructions |
| Canonical Apex / LWC / Flow / Agentforce scaffolds every skill points at |
| 4-tier source trust ladder + contradiction rules |
| 5 quality gates every skill must pass |
| Cross-skill routing: automation, async, integration, sharing |
| Official doc URLs by domain |
| WAF pillar definitions and scoring |
| Apex, LWC, Flow, Object naming rules |
| Full code review checklist |
| Per-skill list of wrong outputs the model must refuse to produce |
| Golden output-quality evals for flagship skills (10 skills × 3 P0 cases) |
Agents: Build-time vs Run-time
This repo ships two classes of agents, both as instruction files (agents/<name>/AGENT.md) that any agentic AI can follow (Claude Code, Codex, Cursor, Windsurf, or any MCP client).
Class | Purpose | Who invokes |
Build-time (14) | Produce and maintain the skill library itself | Repo maintainers, |
Run-time (47) | Use the library to do real Salesforce work in your codebase / org | You — via slash commands, direct AGENT.md reads, or MCP |
The contract every agent follows: agents/_shared/AGENT_CONTRACT.md.
The full roster: agents/_shared/RUNTIME_VS_BUILD.md.
Run-time Agents (the ones you call)
Each agent takes concrete inputs, composes skills + templates + decision-trees + (optional) live-org probes, and returns a PR-ready report or plan. Three invocation modes — all fire the same AGENT.md:
Slash command — ask your AI to follow
commands/<name>.mdDirect read — point any AI at
agents/<name>/AGENT.mdMCP — call
get_agent(name)on the SfSkills MCP server; the server returns the instructions for your model to execute
Every run-time agent follows the same 8-section contract (including a mandatory Process Observations block that flags healthy, concerning, and ambiguous patterns in the org while producing the output), cites every skill / template / decision-tree it used, and never writes to your org.
Developer + architecture tier (16)
Agent | Slash command | What it does |
| Refactor an Apex class onto the canonical | |
| Build Apex class(es) from requirements onto canonical patterns + a test class | |
| Collapse N triggers on one sObject into the handler framework with a deactivation plan | |
| Generate a bulk-safe ≥ 85%-coverage test class using | |
| Find and fix SOQL anti-patterns (query-in-loop, non-selective, no-security) | |
| Audit CRUD/FLS, sharing, hardcoded secrets, Remote Sites vs Named Credentials | |
| Decide Flow vs Apex per the automation decision tree + bulkification review | |
| Design a Flow Orchestration + stage / step map | |
| Inventory WFR / Process Builder / Approvals → Flow migration plan | |
| Pick Bulk API 2.0 / Platform Events / Pub/Sub / REST Composite from volume + latency | |
| Generate a full LWC bundle (js/html/css/meta/tests) + optional Apex controller | |
| A11y + performance + security audit of an LWC bundle | |
| Ranked hypotheses + diagnostic probes + proposed fix for a live LWC failure | |
| Build / validate a deployment change set manifest + checklist | |
| Pre-deploy risk score vs live org (breaking-change list via MCP probes) | |
| Scaffold Agentforce action: Apex |
Admin accelerators — Tier 1 (14)
Agent | Slash command | What it does |
| Blast-radius report before renaming or deleting a field | |
| Setup-ready sObject design from a concept (fields, RTs, VRs, layouts) | |
| Profile-less PS / PSG / Muting design per persona | |
| Design a Flow from requirements, route to Apex when the tree says so | |
| Go/no-go checklist for a Data Loader / Bulk API load | |
| Matching + Duplicate Rules scoped to the load and post-load hygiene | |
| Assignment + auto-response rule design | |
| Business hours + holiday set configuration plan | |
| Compile the canonical 10-section configuration workbook | |
| CMDT / Custom Settings design + Apex usage patterns | |
| Entitlement process + milestone design | |
| Experience Cloud site admin setup (member, guest, CMS) | |
| Path + guidance + key fields design per object / stage | |
| Map a process narrative to a Salesforce automation swim-lane |
Workflow Rule / Process Builder / Approval Process migration is handled by the consolidated
automation-migration-router(Developer tier) — see/automation-migration-router.
Strategic — Tier 2 (7)
Agent | Slash command | What it does |
| Review relationships, rollups, External IDs, growth forecast, indexes | |
| NCs + Remote Sites + Connected Apps + certs, scored for posture | |
| Map CSV headers → sObject fields + External ID + VR collision report | |
| Classic / Lightning / Enhanced LEX classification + migration plan | |
| Routes to the right single-mode auditor or runs a multi-mode org audit (absorbs the retired auditors) | |
| Fit / gap analysis: requirements backlog vs target-org configuration | |
| Salesforce-aware INVEST story backlog with Given/When/Then criteria |
Vertical + governance — Tier 3 (10)
Agent | Slash command | What it does |
| Queue + routing-config + presence design with capacity math | |
| Data categories, article types, channel-audience matrix, lifecycle | |
| Opportunity stage ladder + forecast categories + VR gates + Path | |
| Source × geo × product routing matrix, queues, SLAs, conversion handoff | |
| Environment ladder + scratch pools + refresh calendar + masking | |
| Package strategy, branching, CI/CD gates, release calendar, hotfix plan | |
| Well-Architected scorecard across Trusted / Easy / Adaptable / Resilient / Composable | |
| Per-action A–F scorecard + topic coherence + guardrails gap list | |
| Decompose a Profile into Permission Sets + PSGs | |
| Side-by-side access comparison between two Salesforce users |
Deprecated (14): the single-mode auditors/governors (
/audit-sharing,/audit-record-page,/audit-record-types,/govern-picklists,/audit-reports,/audit-validation-rules,/audit-case-escalation,/govern-prompt-library,/detect-drift, plus 5 earlier stubs) are consolidated into/audit-router. Full deprecated roster + redirects:RUNTIME_VS_BUILD.md.
Full list + source-skill map: agents/_shared/SKILL_MAP.md.
How the library itself gets built
The build-time agents live in the same agents/ tree. They're the skill factory:
BACKLOG.yaml what needs to be built (machine-readable)
│
▼
agents/orchestrator/ routes TODOs to the right builder
│
├── agents/task-mapper/ researches Cloud × Role task universes
├── agents/content-researcher/ grounds every claim in Tier 1–3 sources
├── agents/admin-skill-builder/ builds Admin + BA skills
├── agents/dev-skill-builder/ builds Apex / LWC / Flow / Integration / DevOps
├── agents/data-skill-builder/ builds data modeling, migration, SOQL
├── agents/architect-skill-builder/ builds solution design + WAF review
├── agents/devops-skill-builder/ builds DevOps / release-engineering skills
├── agents/security-skill-builder/ builds Security skills
├── agents/code-reviewer/ canon-gate review (templates, decision-trees, evals)
├── agents/validator/ structural + quality gates before every commit
├── agents/currency-monitor/ flags stale skills after each SF release
├── agents/org-assessor/ audits a target org against the library
└── agents/release-planner/ assembles release notes from skill deltasOperators drive the system via slash commands under commands/ (invoke by asking the AI to "follow commands/<name>.md"):
Command | What it does |
Autonomous loop: claim → research → build → validate → commit | |
Scaffold one skill through the full contract | |
4-question flow to append a TODO to | |
Run | |
Run | |
Generate release notes from recent skill deltas |
Source Hierarchy
Every claim in every skill is grounded against a 4-tier trust ladder. When sources disagree, the lower tier loses. Defined in standards/source-hierarchy.md.
Tier 1 — Official Salesforce docs (ground truth)
Tier 2 — Trailhead, Salesforce Architects blog, Salesforce Ben
Tier 3 — Andy in the Cloud, Apex Hours, Salesforce Stack Exchange
Tier 4 — Community signal (context only, never the basis for a claim)
Roadmap
Shipped in v1:
1003 skills across Admin, Apex, LWC, Flow, OmniStudio, Agentforce, Security, Integration, Data, Architect, DevOps
Shared templates (Apex handler framework, logger, security utils, HTTP client, test factories, LWC skeleton, Flow fault paths, Agentforce action shell)
Decision trees for automation, async, integration, and sharing selection
Golden evals for 10 flagship skills (30 P0 cases)
MCP server exposing the library + live-org lookups
In flight toward v2 (1119+ planned):
Per-cloud tagging across every skill (
clouds: [...]in registry)Expand golden evals from 10 → 40 flagship skills
Role-specific landing pages (Admin, BA, Developer, Data, Architect)
Deeper cloud coverage: Sales, Service, Experience, Marketing, Revenue (CPQ), Field Service, Health, FSC, Nonprofit, Commerce, CRM Analytics, MuleSoft
Currency monitor — automated staleness flagging after each Salesforce release
Live queue: BACKLOG.yaml (machine-readable) · docs/queue-progress.md (generated dashboard) · MASTER_QUEUE.md (intro + agent workflow)
Maintainer
Pranav Nagrecha — Salesforce Technical Architect
Version: 1.0.0 | Last Updated: April 2026
Issues → GitHub Issues
Skill requests → /request-skill in Claude Code or open an issue with [Skill Request] prefix
MCP Server (live-org context)
The mcp/sfskills-mcp/ package exposes this library and your real Salesforce
org to any MCP-capable AI tool so the agent can answer "does this trigger
framework already exist in my org?" without asking you.
38 read-only tools — the fifteen most-used shown here:
Tool | What it does |
| Lexical search over the 1003-skill SfSkills corpus with optional domain filter. |
| Full SKILL.md + registry metadata for a given skill id. |
|
|
| Custom sObjects in the target org with optional substring filter. |
| Flows (record / scheduled / platform-event triggered) targeting an sObject. |
| Category-aware probe: does the skill's guidance already have analogs in the org? |
| Enumerate SfSkills run-time + build-time agents (one-line summary each). |
| Fetch an agent's full AGENT.md (refactorer, scanner, admin accelerators, etc.) so the caller's model can execute it. |
| Validation rules for a given sObject with formula, active flag, error display. |
| Permission sets + groups + muting permission sets, with license + assignment counts. |
| Full object / field / user permission matrix for a specific permission set. |
| Record types, active flag, master-layout assignments, picklist value scoping. |
| Named Credentials + External Credentials (read-only; never returns secrets). |
| Approval processes + steps + next approver rules for an sObject. |
| Generic read-only Tooling API SOQL with a DML/mutation blocklist (escape hatch for admin-land agents). |
Install
# From the repo root
python3 -m pip install -e mcp/sfskills-mcp
# Authenticate via the Salesforce CLI (no secrets enter the MCP server)
sf org login web --alias my-dev
sf config set target-org=my-devConnect your AI tool
The server speaks the standard MCP stdio transport, so it drops into every
modern AI coding tool with a single snippet. Quick start for Cursor
(~/.cursor/mcp.json or project-scoped .cursor/mcp.json):
{
"mcpServers": {
"sfskills": {
"command": "python3",
"args": ["-m", "sfskills_mcp"],
"env": { "SFSKILLS_REPO_ROOT": "/absolute/path/to/AwesomeSalesforceSkills" }
}
}
}→ Full setup guide for every MCP-capable AI tool — Claude Code, Claude Desktop, Cursor, Windsurf, Zed, VS Code (Copilot Agent), Cline, Continue, Sourcegraph Cody, OpenAI Codex CLI, Gemini CLI, Goose, LibreChat, Open WebUI, JetBrains AI Assistant, 5ire, and the generic stdio transport — with per-client pitfalls, verification steps (MCP Inspector), troubleshooting, and the security model.
See mcp/sfskills-mcp/README.md for tool schemas, validate_against_org probe routing, and design notes.
This server cannot be installed
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/PranavNagrecha/AwesomeSalesforceSkills'
If you have feedback or need assistance with the MCP directory API, please join our Discord server