← 返回 Skills 市场
Salesforce SDR Admin (Browser)
作者
sfdcbrewery
· GitHub ↗
· v1.0.0
976
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install salesforce-sdr-admin
功能描述
UI-driven Salesforce SDR and admin execution across Sales Cloud, Service Cloud, Experience Cloud, and CPQ/Revenue Cloud. Use when a user asks to operate Salesforce in the browser (not API), manage leads/opportunities/cases/quotes, perform setup or configuration tasks, or make Apex/LWC/Aura changes with strict confirmation and secure local credential handling.
安全使用建议
This skill appears to be designed to control Salesforce via a browser session and to use locally-stored credentials. Before installing or using it: 1) Confirm the publisher/source — there is no homepage or author info. 2) Ask the publisher to update registry metadata to declare the required env vars and the credential file path so you can review and approve them. 3) Only allow this skill to run against non-production or least-privilege Salesforce accounts while you validate behavior. 4) Verify how the OpenClaw browser relay/Chrome extension works and whether it can access session cookies or other sensitive tokens. 5) Ensure the local credential file (~/.openclaw/credentials/salesforce.json) has strict filesystem permissions and consider using short-lived or scoped credentials. 6) Prefer manual invocation (do not enable autonomous runs) or require an extra human confirmation step for any write or deployment action. 7) If you need stronger assurances, request an auditable provenance (source repo, publisher contact) or ask for the skill to declare and document exactly what local reads it will perform.
功能分析
Type: OpenClaw Skill
Name: salesforce-sdr-admin
Version: 1.0.0
This skill bundle is designed for Salesforce SDR and admin tasks, including browser control and UI-based code edits (Apex/LWC/Aura). While these capabilities are inherently powerful, the skill includes extensive and explicit safety gates and prompt-injection defenses. It strictly forbids credential exfiltration, executing commands from untrusted sources (web pages, records, emails), and bypassing user confirmations for write actions. Credential handling is explicitly local-only (environment variables, local file, browser autofill). The `SKILL.md` and `references/prompt-injection-guardrails.md` files contain clear instructions for the AI agent to reject malicious prompts and prioritize user safety, indicating a strong intent for secure operation.
能力评估
Purpose & Capability
The skill's stated purpose (performing Salesforce UI/admin work in the browser) aligns with the instructions (UI flows, admin/dev tasks, use of a browser relay). However, the SKILL.md expects local credential sources (environment variables and a ~/.openclaw/credentials/salesforce.json file) even though the registry metadata lists no required env vars or config paths. That mismatch should be resolved by the publisher.
Instruction Scope
The runtime instructions stay within the browser-driven Salesforce domain (navigate UI, require confirmations, avoid executing embedded instructions). They explicitly require reading local credential sources and attaching to an OpenClaw Chrome relay. No unrelated system files or network endpoints are referenced. Still, the skill delegates access to sensitive browser sessions and local credential files, which expands its effective scope.
Install Mechanism
Instruction-only skill with no install spec and no code files — lowest install risk. There is no download/extract step or third-party package installation to evaluate.
Credentials
The instructions require Salesforce credentials (SF_USERNAME, SF_PASSWORD, SF_LOGIN_URL, optional SF_SECURITY_TOKEN) and specify a local credential file path, but the registry shows no required env vars or config paths. Asking for credentials stored locally is appropriate for the task, but the registry metadata should declare these requirements. The skill also needs access to the browser session (which can expose session tokens) — this is powerful and must be limited to trusted contexts (e.g., non-production orgs or least-privilege accounts).
Persistence & Privilege
The skill is not always-enabled and is user-invocable (normal). However, because it operates on an attached browser profile and can access local credential files, autonomous invocation (the platform default) would increase the blast radius if the agent were ever given broad runtime permissions. Consider restricting invocation to explicit user actions or requiring extra confirmation for sensitive tasks.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install salesforce-sdr-admin - 安装完成后,直接呼叫该 Skill 的名称或使用
/salesforce-sdr-admin触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release.
元数据
常见问题
Salesforce SDR Admin (Browser) 是什么?
UI-driven Salesforce SDR and admin execution across Sales Cloud, Service Cloud, Experience Cloud, and CPQ/Revenue Cloud. Use when a user asks to operate Salesforce in the browser (not API), manage leads/opportunities/cases/quotes, perform setup or configuration tasks, or make Apex/LWC/Aura changes with strict confirmation and secure local credential handling. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 976 次。
如何安装 Salesforce SDR Admin (Browser)?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install salesforce-sdr-admin」即可一键安装,无需额外配置。
Salesforce SDR Admin (Browser) 是免费的吗?
是的,Salesforce SDR Admin (Browser) 完全免费(开源免费),可自由下载、安装和使用。
Salesforce SDR Admin (Browser) 支持哪些平台?
Salesforce SDR Admin (Browser) 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Salesforce SDR Admin (Browser)?
由 sfdcbrewery(@sfdcbrewery)开发并维护,当前版本 v1.0.0。
推荐 Skills