High-risk tools in Salesforce

High severity Salesforce MCP Server 7 of 35 tools

7 of the 35 tools in Salesforce are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.

Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.

Tools at high risk

deploy_metadata Execute

Deploy metadata to a Salesforce org
open_org Execute

Open a Salesforce org in the browser
resume_tool_operation Execute

Resume a paused tool operation
run_agent_test Execute

Run agent tests in a Salesforce org
run_apex_test Execute

Run Apex tests in a Salesforce org
run_code_analyzer Execute

Run Code Analyser on source code
sfDevopsPromoteWorkItem Execute

Promote a DevOps Center work item

Attacks that target this class

High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.

Destructive Action Autonomy
Runaway Tool Loops
Prompt Injection via Tool Results

High-risk tools in Salesforce

Tools at high risk

Attacks that target this class

More on Salesforce

Let agents act without letting them run wild.