Salesforce MCP Server
MCP server for Salesforce Data Dictionary Generation
Very Good Security
Security ScoreA
Vulnerabilities Found
Quality ScoreC
Maintenance48
Popularity61
Documentation68
Available Documentation
Compatibility73
Features
Supported Transports
Agentic MCP Risk Intelligence
MCPSafe checks risks unique to AI-connected MCP servers — prompt surfaces, model-controlled tools, credentials, filesystems, and network reachability.
The current scan did not find prompt-injection, agent command, exfiltration, unbounded filesystem, or MCP SSRF patterns.
Tool metadata can steer or hijack AI clients before a user invokes the tool.
Model-selected tool arguments can reach shell/process execution.
Tool context combines credential access with outbound network capability.
AI-controlled paths may access files outside the intended workspace.
AI-controlled URLs may reach local, metadata, or internal network services.
Vulnerabilities(1)
READMESalesforce MCP Server
Salesforce MCP
⚠️ SOQL INJECTION VULNERABILITY ⚠️
Issue
Query construction does not sanitize user input, allowing SOQL injection attacks.
Example
Input: x' OR Id != ''
Query becomes: SELECT Id FROM Account WHERE Name = 'x' OR Id != ''
Impact
- Access to unauthorized records
- Data exfiltration
- Business logic bypass
Mitigation
Use parameterized queries with Salesforce Apex binding variables.
Embed Security Badge
Add this badge to your README or documentation
[](https://mcpsafe.org/registry/salesforce-mcp-soql-injection)Server Information
- Source
- NPM
- Package
- salesforce-mcp
- Version
- 1.0.2
- Language
- typescript
- License
- MIT
- Transport
- STDIO
- Added
- Jan 20, 2026
- Updated
- Jul 13, 2026