mcp-salesforce
mcp | 0.1.15 | MCP Salesforce connector
By smn2gnt | 244 findings | Scanned 6/17/2026 | tooltrust-scanner/v0.3.18 | 180
Risk Summary
Safe With Normal Controls
Dep Visibility is the main signal, but overall risk remains within an acceptable range.
Potential impact: This finding indicates the tool should be reviewed before it is trusted.
Recommended action: No high-risk findings were detected in this scan, but you should still apply least-privilege defaults and rescan after changes.
Suggested policy: keep this tool behind manual approval, do not allow unattended runs, and re-scan after narrowing risky permissions.
Security Findings (244)
input schema exposes 66 properties (threshold: 10)
  Tools: SALESFORCE_ACCOUNT_CREATION_WITH_CONTENT_TYPE_OPTION
input schema exposes 22 properties (threshold: 10)
  Tools: SALESFORCE_CREATE_ACCOUNT
input schema exposes 13 properties (threshold: 10)
  Tools: SALESFORCE_CREATE_CAMPAIGN, SALESFORCE_SEND_EMAIL
input schema exposes 35 properties (threshold: 10)
  Tools: SALESFORCE_CREATE_CAMPAIGN_RECORD_VIA_POST
input schema exposes 16 properties (threshold: 10)
  Tools: SALESFORCE_CREATE_CONTACT, SALESFORCE_UPDATE_CONTACT
input schema exposes 19 properties (threshold: 10)
  Tools: SALESFORCE_CREATE_LEAD
input schema exposes 54 properties (threshold: 10)
  Tools: SALESFORCE_CREATE_LEAD_WITH_SPECIFIED_CONTENT_TYPE
input schema exposes 63 properties (threshold: 10)
  Tools: SALESFORCE_CREATE_NEW_CONTACT_WITH_JSON_HEADER
input schema exposes 14 properties (threshold: 10)
  Tools: SALESFORCE_CREATE_NOTE_RECORD_WITH_CONTENT_TYPE_HEADER, SALESFORCE_LOG_EMAIL_ACTIVITY, SALESFORCE_UPDATE_CAMPAIGN
input schema exposes 12 properties (threshold: 10)
  Tools: SALESFORCE_CREATE_OPPORTUNITY, SALESFORCE_SEARCH_OPPORTUNITIES, SALESFORCE_UPDATE_OPPORTUNITY
input schema exposes 48 properties (threshold: 10)
  Tools: SALESFORCE_CREATE_OPPORTUNITY_RECORD
input schema exposes 32 properties (threshold: 10)
  Tools: SALESFORCE_QUERY_REPORT
input schema exposes 11 properties (threshold: 10)
  Tools: SALESFORCE_SEARCH_TASKS, SALESFORCE_SEND_EMAIL_FROM_TEMPLATE
input schema exposes 23 properties (threshold: 10)
  Tools: SALESFORCE_UPDATE_ACCOUNT
input schema exposes 67 properties (threshold: 10)
  Tools: SALESFORCE_UPDATE_ACCOUNT_OBJECT_BY_ID
input schema exposes 36 properties (threshold: 10)
  Tools: SALESFORCE_UPDATE_CAMPAIGN_BY_ID_WITH_JSON
input schema exposes 64 properties (threshold: 10)
  Tools: SALESFORCE_UPDATE_CONTACT_BY_ID
input schema exposes 20 properties (threshold: 10)
  Tools: SALESFORCE_UPDATE_LEAD
input schema exposes 62 properties (threshold: 10)
  Tools: SALESFORCE_UPDATE_LEAD_BY_ID_WITH_JSON_PAYLOAD
input schema exposes 49 properties (threshold: 10)
  Tools: SALESFORCE_UPDATE_OPPORTUNITY_BY_ID
input schema exposes 15 properties (threshold: 10)
  Tools: SALESFORCE_UPDATE_SPECIFIC_NOTE_BY_ID
Fix: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.
tool performs network or execution operations but declares no rate-limit, timeout, or retry configuration
  Tools: SALESFORCE_ACCOUNT_CREATION_WITH_CONTENT_TYPE_OPTION, SALESFORCE_ADD_OPPORTUNITY_LINE_ITEM, SALESFORCE_CREATE_ACCOUNT, SALESFORCE_CREATE_CAMPAIGN, SALESFORCE_CREATE_CAMPAIGN_RECORD_VIA_POST, SALESFORCE_CREATE_CONTACT, SALESFORCE_CREATE_LEAD, SALESFORCE_CREATE_LEAD_WITH_SPECIFIED_CONTENT_TYPE, SALESFORCE_CREATE_NEW_CONTACT_WITH_JSON_HEADER, SALESFORCE_CREATE_NOTE, SALESFORCE_CREATE_NOTE_RECORD_WITH_CONTENT_TYPE_HEADER, SALESFORCE_CREATE_OPPORTUNITY, SALESFORCE_CREATE_OPPORTUNITY_RECORD, SALESFORCE_CREATE_TASK, SALESFORCE_EXECUTE_SOQL_QUERY, SALESFORCE_FETCH_ACCOUNT_BY_ID_WITH_QUERY, SALESFORCE_FETCH_MODIFIED_OR_UNMODIFIED_SOBJECTS, SALESFORCE_LIST_DASHBOARDS, SALESFORCE_LIST_EMAIL_TEMPLATES, SALESFORCE_LIST_REPORTS, SALESFORCE_LOG_EMAIL_ACTIVITY, SALESFORCE_QUERY_CONTACTS_BY_NAME, SALESFORCE_QUERY_REPORT, SALESFORCE_REMOVE_ACCOUNT_BY_UNIQUE_IDENTIFIER, SALESFORCE_RETRIEVE_ACCOUNT_DATA_AND_ERROR_RESPONSES, SALESFORCE_RUN_SOQL_QUERY, SALESFORCE_SEARCH_ACCOUNTS, SALESFORCE_SEARCH_CAMPAIGNS, SALESFORCE_SEARCH_CONTACTS, SALESFORCE_SEARCH_LEADS, SALESFORCE_SEARCH_NOTES, SALESFORCE_SEARCH_OPPORTUNITIES, SALESFORCE_SEARCH_TASKS, SALESFORCE_SEND_EMAIL, SALESFORCE_SEND_MASS_EMAIL, SALESFORCE_UPDATE_ACCOUNT, SALESFORCE_UPDATE_ACCOUNT_OBJECT_BY_ID, SALESFORCE_UPDATE_CAMPAIGN, SALESFORCE_UPDATE_CAMPAIGN_BY_ID_WITH_JSON, SALESFORCE_UPDATE_CONTACT, SALESFORCE_UPDATE_CONTACT_BY_ID, SALESFORCE_UPDATE_LEAD, SALESFORCE_UPDATE_LEAD_BY_ID_WITH_JSON_PAYLOAD, SALESFORCE_UPDATE_NOTE, SALESFORCE_UPDATE_OPPORTUNITY, SALESFORCE_UPDATE_OPPORTUNITY_BY_ID, SALESFORCE_UPDATE_SPECIFIC_NOTE_BY_ID, SALESFORCE_UPDATE_TASK
Fix: Declare explicit rate-limit, timeout, and retry configuration for all network and execution tools. Implement exponential back-off and surface resource state to the calling agent.
declared capabilities: code/command execution, network access
  Tools: SALESFORCE_ACCOUNT_CREATION_WITH_CONTENT_TYPE_OPTION, SALESFORCE_QUERY_REPORT
declared capabilities: code/command execution
  Tools: SALESFORCE_ADD_OPPORTUNITY_LINE_ITEM
declared capabilities: code/command execution, filesystem access
  Tools: SALESFORCE_CREATE_ACCOUNT, SALESFORCE_CREATE_CAMPAIGN, SALESFORCE_CREATE_CONTACT, SALESFORCE_CREATE_LEAD, SALESFORCE_CREATE_OPPORTUNITY, SALESFORCE_CREATE_TASK, SALESFORCE_UPDATE_ACCOUNT, SALESFORCE_UPDATE_CAMPAIGN, SALESFORCE_UPDATE_CONTACT, SALESFORCE_UPDATE_LEAD, SALESFORCE_UPDATE_OPPORTUNITY, SALESFORCE_UPDATE_TASK
declared capabilities: code/command execution, network access, filesystem access
  Tools: SALESFORCE_CREATE_CAMPAIGN_RECORD_VIA_POST, SALESFORCE_CREATE_LEAD_WITH_SPECIFIED_CONTENT_TYPE, SALESFORCE_CREATE_NEW_CONTACT_WITH_JSON_HEADER, SALESFORCE_CREATE_OPPORTUNITY_RECORD, SALESFORCE_UPDATE_ACCOUNT_OBJECT_BY_ID, SALESFORCE_UPDATE_CAMPAIGN_BY_ID_WITH_JSON, SALESFORCE_UPDATE_CONTACT_BY_ID, SALESFORCE_UPDATE_LEAD_BY_ID_WITH_JSON_PAYLOAD, SALESFORCE_UPDATE_OPPORTUNITY_BY_ID
declared capabilities: filesystem access, HTTP requests
  Tools: SALESFORCE_CREATE_NOTE, SALESFORCE_LIST_EMAIL_TEMPLATES, SALESFORCE_UPDATE_NOTE
declared capabilities: network access, filesystem access, HTTP requests
  Tools: SALESFORCE_CREATE_NOTE_RECORD_WITH_CONTENT_TYPE_HEADER, SALESFORCE_UPDATE_SPECIFIC_NOTE_BY_ID
declared capabilities: filesystem access
  Tools: SALESFORCE_DELETE_ACCOUNT, SALESFORCE_DELETE_A_LEAD_OBJECT_BY_ITS_ID, SALESFORCE_DELETE_CAMPAIGN, SALESFORCE_DELETE_CONTACT, SALESFORCE_DELETE_LEAD, SALESFORCE_DELETE_NOTE, SALESFORCE_DELETE_OPPORTUNITY, SALESFORCE_REMOVE_A_SPECIFIC_CONTACT_BY_ID, SALESFORCE_REMOVE_CAMPAIGN_OBJECT_BY_ID, SALESFORCE_REMOVE_FROM_CAMPAIGN, SALESFORCE_REMOVE_NOTE_OBJECT_BY_ID, SALESFORCE_REMOVE_OPPORTUNITY_BY_ID
declared capabilities: code/command execution, network access, database access
  Tools: SALESFORCE_EXECUTE_SOQL_QUERY, SALESFORCE_RUN_SOQL_QUERY
declared capabilities: network access
  Tools: SALESFORCE_FETCH_ACCOUNT_BY_ID_WITH_QUERY, SALESFORCE_FETCH_MODIFIED_OR_UNMODIFIED_SOBJECTS, SALESFORCE_LIST_DASHBOARDS, SALESFORCE_LIST_REPORTS, SALESFORCE_QUERY_CONTACTS_BY_NAME, SALESFORCE_RETRIEVE_ACCOUNT_DATA_AND_ERROR_RESPONSES, SALESFORCE_SEARCH_ACCOUNTS, SALESFORCE_SEARCH_CAMPAIGNS, SALESFORCE_SEARCH_CONTACTS, SALESFORCE_SEARCH_LEADS, SALESFORCE_SEARCH_OPPORTUNITIES, SALESFORCE_SEARCH_TASKS
declared capabilities: database access
  Tools: SALESFORCE_LIST_ACCOUNTS, SALESFORCE_LIST_CAMPAIGNS, SALESFORCE_LIST_CONTACTS, SALESFORCE_LIST_LEADS, SALESFORCE_LIST_NOTES, SALESFORCE_LIST_OPPORTUNITIES, SALESFORCE_LIST_PRICEBOOK_ENTRIES, SALESFORCE_LIST_PRICEBOOKS
declared capabilities: HTTP requests
  Tools: SALESFORCE_LOG_EMAIL_ACTIVITY, SALESFORCE_SEND_EMAIL, SALESFORCE_SEND_MASS_EMAIL
declared capabilities: network access, filesystem access
  Tools: SALESFORCE_REMOVE_ACCOUNT_BY_UNIQUE_IDENTIFIER
declared capabilities: network access, HTTP requests
  Tools: SALESFORCE_SEARCH_NOTES
Fix: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.
Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.
  Tools: SALESFORCE_ACCOUNT_CREATION_WITH_CONTENT_TYPE_OPTION, SALESFORCE_ADD_CONTACT_TO_CAMPAIGN, SALESFORCE_ADD_LEAD_TO_CAMPAIGN, SALESFORCE_ADD_OPPORTUNITY_LINE_ITEM, SALESFORCE_APPLY_LEAD_ASSIGNMENT_RULES, SALESFORCE_ASSOCIATE_CONTACT_TO_ACCOUNT, SALESFORCE_CLONE_OPPORTUNITY_WITH_PRODUCTS, SALESFORCE_CLONE_RECORD, SALESFORCE_COMPLETE_TASK, SALESFORCE_CREATE_ACCOUNT, SALESFORCE_CREATE_CAMPAIGN, SALESFORCE_CREATE_CAMPAIGN_RECORD_VIA_POST, SALESFORCE_CREATE_CONTACT, SALESFORCE_CREATE_LEAD, SALESFORCE_CREATE_LEAD_WITH_SPECIFIED_CONTENT_TYPE, SALESFORCE_CREATE_NEW_CONTACT_WITH_JSON_HEADER, SALESFORCE_CREATE_NOTE, SALESFORCE_CREATE_NOTE_RECORD_WITH_CONTENT_TYPE_HEADER, SALESFORCE_CREATE_OPPORTUNITY, SALESFORCE_CREATE_OPPORTUNITY_RECORD, SALESFORCE_CREATE_TASK, SALESFORCE_DELETE_ACCOUNT, SALESFORCE_DELETE_A_LEAD_OBJECT_BY_ITS_ID, SALESFORCE_DELETE_CAMPAIGN, SALESFORCE_DELETE_CONTACT, SALESFORCE_DELETE_LEAD, SALESFORCE_DELETE_NOTE, SALESFORCE_DELETE_OPPORTUNITY, SALESFORCE_EXECUTE_SOQL_QUERY, SALESFORCE_FETCH_ACCOUNT_BY_ID_WITH_QUERY, SALESFORCE_FETCH_MODIFIED_OR_UNMODIFIED_SOBJECTS, SALESFORCE_GET_ACCOUNT, SALESFORCE_GET_CAMPAIGN, SALESFORCE_GET_CONTACT, SALESFORCE_GET_DASHBOARD, SALESFORCE_GET_LEAD, SALESFORCE_GET_NOTE, SALESFORCE_GET_NOTE_BY_ID_WITH_FIELDS, SALESFORCE_GET_OPPORTUNITY, SALESFORCE_GET_REPORT, SALESFORCE_GET_REPORT_INSTANCE, SALESFORCE_GET_USER_INFO, SALESFORCE_LIST_ACCOUNTS, SALESFORCE_LIST_CAMPAIGNS, SALESFORCE_LIST_CONTACTS, SALESFORCE_LIST_DASHBOARDS, SALESFORCE_LIST_EMAIL_TEMPLATES, SALESFORCE_LIST_LEADS, SALESFORCE_LIST_NOTES, SALESFORCE_LIST_OPPORTUNITIES, SALESFORCE_LIST_PRICEBOOK_ENTRIES, SALESFORCE_LIST_PRICEBOOKS, SALESFORCE_LIST_REPORTS, SALESFORCE_LOG_CALL, SALESFORCE_LOG_EMAIL_ACTIVITY, SALESFORCE_MASS_TRANSFER_OWNERSHIP, SALESFORCE_QUERY_CONTACTS_BY_NAME, SALESFORCE_QUERY_REPORT, SALESFORCE_REMOVE_ACCOUNT_BY_UNIQUE_IDENTIFIER, SALESFORCE_REMOVE_A_SPECIFIC_CONTACT_BY_ID, SALESFORCE_REMOVE_CAMPAIGN_OBJECT_BY_ID, SALESFORCE_REMOVE_FROM_CAMPAIGN, SALESFORCE_REMOVE_NOTE_OBJECT_BY_ID, SALESFORCE_REMOVE_OPPORTUNITY_BY_ID, SALESFORCE_RETRIEVE_ACCOUNT_DATA_AND_ERROR_RESPONSES, SALESFORCE_RETRIEVE_CAMPAIGN_DATA_WITH_ERROR_HANDLING, SALESFORCE_RETRIEVE_CONTACT_INFO_WITH_STANDARD_RESPONSES, SALESFORCE_RETRIEVE_LEAD_BY_ID, SALESFORCE_RETRIEVE_LEAD_DATA_WITH_VARIOUS_RESPONSES, SALESFORCE_RETRIEVE_NOTE_OBJECT_INFORMATION, SALESFORCE_RETRIEVE_OPPORTUNITIES_DATA, SALESFORCE_RETRIEVE_OPPORTUNITY_BY_ID_WITH_OPTIONAL_FIELDS, SALESFORCE_RETRIEVE_SPECIFIC_CAMPAIGN_OBJECT_DETAILS, SALESFORCE_RETRIEVE_SPECIFIC_CONTACT_BY_ID, SALESFORCE_RUN_REPORT, SALESFORCE_RUN_SOQL_QUERY, SALESFORCE_SEARCH_ACCOUNTS, SALESFORCE_SEARCH_CAMPAIGNS, SALESFORCE_SEARCH_CONTACTS, SALESFORCE_SEARCH_LEADS, SALESFORCE_SEARCH_NOTES, SALESFORCE_SEARCH_OPPORTUNITIES, SALESFORCE_SEARCH_TASKS, SALESFORCE_SEND_EMAIL, SALESFORCE_SEND_EMAIL_FROM_TEMPLATE, SALESFORCE_SEND_MASS_EMAIL, SALESFORCE_UPDATE_ACCOUNT, SALESFORCE_UPDATE_ACCOUNT_OBJECT_BY_ID, SALESFORCE_UPDATE_CAMPAIGN, SALESFORCE_UPDATE_CAMPAIGN_BY_ID_WITH_JSON, SALESFORCE_UPDATE_CONTACT, SALESFORCE_UPDATE_CONTACT_BY_ID, SALESFORCE_UPDATE_LEAD, SALESFORCE_UPDATE_LEAD_BY_ID_WITH_JSON_PAYLOAD, SALESFORCE_UPDATE_NOTE, SALESFORCE_UPDATE_OPPORTUNITY, SALESFORCE_UPDATE_OPPORTUNITY_BY_ID, SALESFORCE_UPDATE_SPECIFIC_NOTE_BY_ID, SALESFORCE_UPDATE_TASK
Fix: Review and remediate the identified issue.
input parameter "add_threading_tokens" accepts a credential (informational; not evidence of insecure handling)
  Tools: SALESFORCE_SEND_EMAIL_FROM_TEMPLATE
Fix: Avoid accepting raw credentials as input parameters. Use secret managers (e.g. 1Password CLI, AWS Secrets Manager) and ensure credentials are never logged or stored in agent traces.
Scan this tool yourself
Reproduce this audit locally, integrate into CI, or let your agent audit its own tools.
Install once, then scan any MCP server:
$ curl -sfL https://raw.githubusercontent.com/AgentSafe-AI/tooltrust-scanner/main/install.sh | bash
$ tooltrust-scanner scan --server "npx -y mcp-salesforce"
Adjust the package name if your npm registry name differs from the tool ID.