Latest release: v1.0.0Download zip
Capabilities
Compatibility
Security Scan
OpenClaw
Benign
medium confidencePurpose & Capability
The stated purpose, plugin manifest, and included skill files align around Salesforce Commerce development guidance for SFCC, PWA Kit, Apex, LWC, APIs, payments, testing, and security.
Instruction Scope
The skill repeatedly instructs the agent to web-search or web-fetch official Salesforce and related documentation before writing code. This is coherent for fast-changing developer APIs, but users should expect external documentation access.
Install Mechanism
The registry says there is no install spec and this is instruction-only, while the bundle includes helper scripts that appear to be safety hooks. Users should not assume those scripts are active unless their OpenClaw host wires them in.
Credentials
The bundled safety script recognizes Salesforce CLI operations such as deploys, org login, code activation, and deletions. These are high-impact operations in real Salesforce environments, but the script is defensive and no credentials or binaries are required by the skill metadata.
Persistence & Privilege
The provided artifacts do not show background workers, persistence, self-propagation, credential storage, or automatic execution after installation.
Assessment
This skill looks safe to install as developer guidance. Expect it to encourage web lookups of official Salesforce documentation, and be cautious before allowing any agent-run Salesforce CLI command, especially deploys, org logins, code activations, deletes, or production-targeted actions. Verify separately whether the bundled safety hook scripts are actually enabled in your OpenClaw environment.