jaganpro/sf-integration
skills/sf-integration/SKILL.md
Salesforce integration architecture with 120-point scoring. TRIGGER when: user sets up Named Credentials, External Services, REST/SOAP callouts, Platform Events, CDC, or touches .namedCredential-meta.xml files. DO NOT TRIGGER when: Connected App/OAuth config (use sf-connected-apps), Apex-only logic (use sf-apex), or data import/export (use sf-data).
$ install --global
skillsauthnpx skillsauth add jaganpro/sf-skills sf-integrationInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 5, 2026, 10:31 PM40.2s24 files scanned
SKILL.md
- name:
- sf-integration
- description:
- >
- TRIGGER when:
- user sets up Named Credentials, External Services, REST/SOAP
- DO NOT TRIGGER when:
- Connected App/OAuth config (use sf-connected-apps),
- license:
- MIT
- version:
- 1.2.0
- author:
- Jag Valaiyapathy
- scoring:
- 120 points across 6 categories
sf-integration: Salesforce Integration Patterns Expert
Use this skill when the user needs integration architecture and runtime plumbing: Named Credentials, External Credentials, External Services, REST/SOAP callout patterns, Platform Events, CDC, and event-driven integration design.
When This Skill Owns the Task
Use sf-integration when the work involves:
.namedCredential-meta.xmlor External Credential metadata- outbound REST/SOAP callouts
- External Service registration from OpenAPI specs
- Platform Events, CDC, and event-driven architecture
- choosing sync vs async integration patterns
Delegate elsewhere when the user is:
- configuring the OAuth app itself → sf-connected-apps
- writing Apex-only business logic → sf-apex
- deploying metadata → sf-deploy
- importing/exporting data → sf-data
Required Context to Gather First
Ask for or infer:
- integration style: outbound callout, inbound event, External Service, CDC, platform event
- auth method
- sync vs async requirement
- system endpoint / spec details
- rate limits, retry expectations, and failure tolerance
- whether this is net-new design or repair of an existing integration
Recommended Workflow
1. Choose the integration pattern
| Need | Default pattern | |---|---| | authenticated outbound API call | Named Credential / External Credential + Apex or Flow | | spec-driven API client | External Service | | trigger-originated callout | async callout pattern | | decoupled event publishing | Platform Events | | change-stream consumption | CDC |
2. Choose the auth model
Prefer secure runtime-managed auth:
- Named Credentials / External Credentials
- OAuth or JWT via the right credential model
- no hardcoded secrets in code
3. Generate from the right templates
Use the provided assets under:
assets/named-credentials/assets/external-credentials/assets/external-services/assets/callouts/assets/platform-events/assets/cdc/assets/soap/
4. Validate operational safety
Check:
- timeout and retry handling
- async strategy for trigger-originated work
- logging / observability
- event retention and subscriber implications
5. Hand off deployment or implementation details
Use:
- sf-deploy for deployment
- sf-apex for deeper service / retry code
- sf-flow for declarative HTTP callout orchestration
High-Signal Rules
- never hardcode credentials
- do not do synchronous callouts from triggers
- define timeout behavior explicitly
- plan retries for transient failures
- use middleware / event-driven patterns when outbound volume is high
- prefer External Credentials architecture for new development when supported
Common anti-patterns:
- sync trigger callouts
- no retry or dead-letter strategy
- no request/response logging
- mixing auth setup responsibilities with runtime integration design
Output Format
When finishing, report in this order:
- Integration pattern chosen
- Auth model chosen
- Files created or updated
- Operational safeguards
- Deployment / testing next step
Suggested shape:
Integration: <summary>
Pattern: <named credential / external service / event / cdc / callout>
Files: <paths>
Safety: <timeouts, retries, async, logging>
Next step: <deploy, register, test, or implement>
Cross-Skill Integration
| Need | Delegate to | Reason | |---|---|---| | OAuth app setup | sf-connected-apps | consumer key / cert / app config | | advanced callout service code | sf-apex | Apex implementation | | declarative HTTP callout / Flow wrapper | sf-flow | Flow orchestration | | deploy integration metadata | sf-deploy | validation and rollout | | use integration from Agentforce | sf-ai-agentscript | agent action composition |
Reference Map
Start here
- references/named-credentials-guide.md
- references/external-services-guide.md
- references/callout-patterns.md
- references/security-best-practices.md
Event-driven / platform patterns
- references/event-patterns.md
- references/platform-events-guide.md
- references/cdc-guide.md
- references/event-driven-architecture-guide.md
- references/messaging-api-v2.md
CLI / automation / scoring
- references/cli-reference.md
- references/named-credentials-automation.md
- references/scoring-rubric.md
- assets/
Score Guide
| Score | Meaning | |---|---| | 108+ | strong production-ready integration design | | 90–107 | good design with some hardening left | | 72–89 | workable but needs architectural review | | < 72 | unsafe / incomplete for deployment |
Related Skills
jaganpro/sf-lwc
development
VerifiedTrustedCommunity
Lightning Web Components with PICKLES methodology and 165-point scoring. TRIGGER when: user creates/edits LWC components, touches lwc/**/*.js, .html, .css, .js-meta.xml files, or asks about wire service, SLDS, or Jest LWC tests. DO NOT TRIGGER when: Apex classes (use sf-apex), Aura components, or Visualforce.
394SKILL.mdUpdated Apr 5, 2026
jaganpro/sf-ai-agentforce-grid
tools
VerifiedTrustedCommunity
Use this skill whenever users want to build, inspect, debug, automate, or publish workflows in Agentforce Grid (AI Workbench) using Salesforce plus the Grid MCP or direct Grid REST calls. Trigger it for Grid workbook creation, worksheet setup, Object/Reference/AI/Agent/AgentTest/Evaluation/PromptTemplate/InvocableAction column design, prompt drafting inside Grid, worksheet execution troubleshooting, Grid YAML `apply_grid` specs, and Windows-specific Grid setup issues. Also use it when users mention AI Workbench, Grid Studio, workbook IDs, worksheet IDs, Grid Connect, or ask for recipes like "top opportunities with AI email drafts", "agent test suite in Grid", or "build this worksheet from YAML". Do not use it for generic Salesforce work unrelated to Agentforce Grid.
372SKILL.mdUpdated Apr 23, 2026
jaganpro/sf-flex-estimator
development
VerifiedTrustedCommunity
Salesforce Flex Credit estimation for Agentforce and Data Cloud workloads. TRIGGER when: user needs cost projections, scenario planning, budget sizing, or architecture tradeoff analysis for Agentforce prompts/actions, Data Cloud meters, or monthly Flex Credit usage. DO NOT TRIGGER when: user is building Agentforce metadata or .agent files themselves (use sf-ai-agentforce or sf-ai-agentscript), implementing Data Cloud assets (use sf-datacloud-*), or asking for contract-specific commercial approval that depends on non-public pricing terms.
366SKILL.mdUpdated Apr 22, 2026
jaganpro/sf-permissions
testing
VerifiedTrustedCommunity
Permission Set analysis, hierarchy viewer, and access auditing. TRIGGER when: user asks "who has access to X?", analyzes permission sets/groups, or touches .permissionset-meta.xml / .permissionsetgroup-meta.xml files. DO NOT TRIGGER when: creating new metadata (use sf-metadata), deploying permission sets (use sf-deploy), or Apex sharing logic (use sf-apex).
366SKILL.mdUpdated Apr 5, 2026