← 返回 Skills 市场
Salesforce AI Agentforce Testing
作者
Anush DSouza
· GitHub ↗
· v1.0.0
· MIT-0
120
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install sf-ai-agentforce-testing
功能描述
Agentforce agent testing with dual-track workflow and 100-point scoring. TRIGGER when: user tests Agentforce agents, runs sf agent test commands, creates tes...
安全使用建议
This skill appears to implement what it claims (Agentforce test execution, coverage, and an automated fix loop) but includes executable scripts that manage credentials and can modify agents in your org. Before installing or running it: 1) Review the shipped scripts (especially credential_manager.py, run-automated-tests.py, multi_turn_test_runner.py, and any code that calls sf or the Agent Runtime API) to confirm they do not exfiltrate tokens or call unexpected endpoints. 2) Only provide credentials for a safe test/dev org; do not reuse production admin keys. 3) If you will not allow automatic fixes or republishing, disable or require explicit confirmation for the 'agentic fix loop'. 4) Prefer interactive sf org login (web) where possible rather than storing ECA credentials in files or env vars. 5) If you lack the ability to audit the scripts, run the skill in a sandboxed/test environment first and monitor network calls and API activity. If you want, I can scan specific script files (credential_manager.py, run-automated-tests.py) and summarize any risky operations (network endpoints, file system writes, subprocess execution).
功能分析
Type: OpenClaw Skill
Name: sf-ai-agentforce-testing
Version: 1.0.0
The sf-ai-agentforce-testing skill bundle is a comprehensive toolset for testing Salesforce Agentforce agents. It includes Python scripts for metadata discovery (agent_discovery.py), a secure local credential manager (credential_manager.py), and a multi-turn conversation test runner (multi_turn_test_runner.py). The bundle facilitates both single-utterance CLI tests and complex multi-turn API interactions using the official Salesforce Agent Runtime API. The code uses standard libraries and the Salesforce CLI (sf) to perform its tasks, and the credential management implementation follows security best practices by using restricted file permissions (0600) and local storage (~/.sfagent/). No evidence of malicious intent, data exfiltration, or prompt injection was found.
能力标签
能力评估
Purpose & Capability
The name/description match the delivered assets: test-spec templates, CLI examples, coverage analysis, and Python/bash scripts to run multi-turn tests and reports. Requiring ECA/auth and the sf CLI is coherent with Agentforce testing. Minor mismatch: the package contains credential_manager.py and tooling for validating ECA credentials but declares no required environment variables or primary credential in the manifest — the skill expects org-level auth (ECA, sf login) but doesn't declare how those credentials are supplied.
Instruction Scope
SKILL.md limits scope to Agentforce testing and gives detailed workflows. It explicitly instructs the agent to run local scripts under ~/.claude/skills/.../hooks/scripts/ and to use provided credential tooling for ECA flows. That is within purpose, but it means the agent will execute shipped scripts (credential_manager.py, multi_turn_test_runner.py, run-automated-tests.py, etc.) which may access org APIs, credentials, and perform actions such as re-publish/re-activate agents as part of the 'agentic fix loop'. The SKILL.md also includes deliberate prompt-injection examples (e.g., 'Ignore all your previous instructions') as test cases — these are expected for guardrail tests but flagged by scanners.
Install Mechanism
No install spec is present (instruction-only installation), so nothing is downloaded from an external URL during install. All code is bundled in the skill package. That lowers remote-execution risk compared to fetching arbitrary archives.
Credentials
The skill does not declare required env vars, yet its operation legitimately requires Salesforce org credentials (CLI auth and ECA credentials) and uses a credential manager script. This is proportionate to the declared purpose if you provide testing-org credentials, but it can be high privilege: the fix-loop can generate fixes and re-publish/re-activate agents (actions that require deploy/authoring permissions). There is no manifest indication of least-privilege guidance or an explicit safe-mode/confirm-only mode for the auto-fix loop.
Persistence & Privilege
always:false and no OS restrictions. The agent policy allows implicit invocation. The notable privilege is functional: the skill implements an 'agentic fix loop' that may call other skills (sf-ai-agentscript) to modify and re-publish agents and re-run tests up to multiple iterations. That behavior is coherent for automated testing but grants the skill the ability to change org/agent state — verify you want that level of automation and ensure it runs only with appropriately scoped test-org credentials.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install sf-ai-agentforce-testing - 安装完成后,直接呼叫该 Skill 的名称或使用
/sf-ai-agentforce-testing触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial ClawHub publish.
元数据
常见问题
Salesforce AI Agentforce Testing 是什么?
Agentforce agent testing with dual-track workflow and 100-point scoring. TRIGGER when: user tests Agentforce agents, runs sf agent test commands, creates tes... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 120 次。
如何安装 Salesforce AI Agentforce Testing?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install sf-ai-agentforce-testing」即可一键安装,无需额外配置。
Salesforce AI Agentforce Testing 是免费的吗?
是的,Salesforce AI Agentforce Testing 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Salesforce AI Agentforce Testing 支持哪些平台?
Salesforce AI Agentforce Testing 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Salesforce AI Agentforce Testing?
由 Anush DSouza(@dsouza-anush)开发并维护,当前版本 v1.0.0。
推荐 Skills