@squirex.dev/mcp-server
SquireX MCP Server — Agentforce Capability Scanner for AI Coding Agents
Model Context Protocol server exposing the SquireX Agentforce Capability Scanner to AI-powered developer tools. Works with Claude Code, Gemini, GitHub Copilot, and any MCP-compatible IDE.
Why SquireX?
Salesforce Agentforce agents use LLMs to autonomously execute Apex, Flows, and external services. Without guardrails, this creates OWASP LLM Top 10 vulnerabilities:
- 🔴 Excessive Agency — Agents that modify data without user confirmation
- 🔴 Prompt Injection — User input that hijacks agent instructions
- 🔴 Privilege Escalation — Actions running in system context without sharing
- 🟠 Supply Chain — Stale API versions that silently skip metadata types
SquireX scans your Agentforce metadata with 26 SAST rules across 9 categories and integrates directly into your AI coding workflow.
Quick Start
Add to your AI IDE configuration (Claude Code, Gemini, VS Code, JetBrains):
```json
{
  "mcpServers": {
    "squirex": {
      "command": "npx",
      "args": ["-y", "@squirex.dev/mcp-server"],
      "env": {
        "SQUIREX_PROJECT_DIR": "/path/to/your/salesforce/project"
      }
    }
  }
}
```

That's it. Your AI agent now has access to the Agentforce Capability Scanner.
MCP Surface
Tools (16)
Core Scanning (Primary Value)
| Tool | Description |
|---|---|
| `scan_agentforce` | Run all 26 SAST rules against the project. Returns SARIF. |
| `scan_agentforce_file` | Scan a single metadata file (`.genAiFunction-meta.xml`, `.agent`, etc.) |
| `scan_agentforce_rule` | Run a specific rule (e.g., `AGENTFORCE-1.1`) |
Rule Intelligence
| Tool | Description |
|---|---|
| `list_scan_rules` | List all 26 rules with ID, category, severity |
| `get_rule_details` | Deep dive: description + remediation guidance |
| `explain_violation` | Root-cause analysis for a specific violation |
| `suggest_fix` | Generate a code/metadata fix suggestion |
Apex Testing & Schema
| Tool | Description |
|---|---|
| `run_tests` | Execute Apex tests locally using the Go interpreter |
| `get_coverage` | Extract line-level code coverage data |
| `analyze_schema` | Aggregate inferred SObject schema from the codebase |
| `predict_conflicts` | Predict merge conflicts between branches |
| `generate_sarif_report` | Generate SARIF for CI/CD pipeline integration |
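A CI gate over the SARIF that `scan_agentforce` and `generate_sarif_report` are described as producing, given here as an added example that is not SquireX code. It uses only standard SARIF 2.1.0 fields; the sample report, its file path, `EXAMPLE-RULE-B`, and the mapping of `AGENTFORCE-1.1` to level `error` are constructed assumptions.

```javascript
// Added example, not SquireX code: gate a CI job on a SARIF 2.1.0 report.
const RANK = { none: 0, note: 1, warning: 2, error: 3 };

// SARIF level resolution: non-"fail" kinds are "none"; otherwise the explicit
// result.level, then the rule's defaultConfiguration.level, then "warning".
function effectiveLevel(result, rules) {
  if (result.kind && result.kind !== "fail") return "none";
  if (result.level) return result.level;
  const rule = rules.find((r) => r.id === result.ruleId);
  return rule?.defaultConfiguration?.level ?? "warning";
}

function gateSarif(sarif, failOn = "error") {
  if (!sarif || sarif.version !== "2.1.0" || !Array.isArray(sarif.runs))
    throw new Error("not a SARIF 2.1.0 log");
  if (!(failOn in RANK)) throw new Error(`unknown level: ${failOn}`);
  const findings = [];
  for (const run of sarif.runs) {
    const rules = run.tool?.driver?.rules ?? [];
    for (const result of run.results ?? []) {
      // A suppression with no status, or status "accepted", hides the result.
      const suppressed = (result.suppressions ?? [])
        .some((s) => !s.status || s.status === "accepted");
      if (suppressed) continue;
      const loc = result.locations?.[0]?.physicalLocation;
      findings.push({
        ruleId: result.ruleId ?? "(no ruleId)",
        level: effectiveLevel(result, rules),
        file: loc?.artifactLocation?.uri ?? "(unknown)",
        line: loc?.region?.startLine ?? null,
      });
    }
  }
  // Unknown level strings are treated as "warning" rather than ignored.
  const blocking = findings.filter((f) => (RANK[f.level] ?? 2) >= RANK[failOn]);
  return { findings, blocking, pass: blocking.length === 0 };
}

// Constructed sample report; the path and EXAMPLE-RULE-B are placeholders.
const SAMPLE_SARIF = { version: "2.1.0", runs: [{
  tool: { driver: { name: "example-scanner", rules: [
    { id: "AGENTFORCE-1.1", defaultConfiguration: { level: "error" } },
    { id: "EXAMPLE-RULE-B" } ] } },
  results: [
    { ruleId: "AGENTFORCE-1.1", locations: [{ physicalLocation: {
      artifactLocation: { uri: "example/Action.genAiFunction-meta.xml" },
      region: { startLine: 12 } } }] },
    { ruleId: "EXAMPLE-RULE-B", level: "note" },
    { ruleId: "EXAMPLE-RULE-B" },
    { ruleId: "AGENTFORCE-1.1", level: "error", suppressions: [{ kind: "inSource" }] },
  ] }] };
```

In a pipeline, exit non-zero when `gateSarif(report).pass` is false, and lower `failOn` to `"warning"` once the `error` backlog is cleared.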
Testing Center Bridge
| Tool | Description |
|---|---|
| `generate_dx_tests` | Convert scan violations → Agentforce DX test YAML for Testing Center |
| `validate_dx_tests` | Validate DX test spec syntax and schema |
| `push_to_testing_center` | Push test spec to Salesforce via `sf agent test run` |
| `get_testing_center_results` | Get status/results of a Testing Center test run |
Resources (6)
| URI | Description |
|---|---|
| `squirex://scan/rules` | Complete 26-rule catalog |
| `squirex://scan/rules/{id}` | Rule detail with remediation |
| `squirex://scan/results/latest` | Latest scan results (SARIF) |
| `squirex://schema/objects` | Inferred SObject schema |
| `squirex://test-results/latest` | Latest Apex test results |
| `squirex://coverage/latest` | Latest code coverage |
Prompts (4)
| Prompt | What It Does |
|---|---|
| `review-agentforce-security` | Full 26-rule scan → prioritized remediation plan |
| `fix-agentforce-violation` | Diagnose + fix a specific violation |
| `harden-agent-metadata` | Proactive defense-in-depth review |
| `generate-test-evaluation` | Generate Agentforce DX test YAML specs for Testing Center |

Agentforce Capability Scanner — 26 Rules
| # | Category | Rules | Severity |
|---|---|---|---|
| 1 | Action Configuration | Mandatory Confirmation, Schema Sync, Privilege Analysis | 🔴 Critical / 🟠 High |
| 2 | Agent Script Safety | Validation Guards, Transition Integrity, Prompt Injection Defense | 🔴 Critical / 🟠 High |
| 3 | Grounding Security | Hardcoded Secrets, FLS Masking Alignment | 🔴 Critical / 🟠 High |
| 4 | Structural Dependency | Planner Completeness, Deactivation Collision, Evaluation Governance | 🟠 High / 🟡 Medium |
| 5 | Extended Graph Security | Flow Context/Silent State/Injection, API Injection, PT Poisoning/Activation | 🔴 Critical / 🟠 High |
| 6 | Supply Chain Security | API Downgrade, Schema Desync, Managed Package Origin | 🟠 High / 🟡 Medium |
| 7 | Agentic Architecture | Topic Bloat, Skill Semantics, Context Traversal | 🟠 High / 🟡 Medium |
| 8 | Instruction Integrity | Metadata Instruction Poisoning, Cross-Topic Boundary | 🔴 Critical / 🟠 High |
| 9 | Operational Reliability | Validation Conflict | 🟡 Medium |
Supported Metadata Types
- `.genAiFunction-meta.xml`
- `.genAiPlugin-meta.xml`
- `.genAiPlannerBundle-meta.xml`
- `.genAiPromptTemplate-meta.xml`
- `.genAiPromptTemplateActv-meta.xml`
- `.agent` files
- `.cls` (Apex classes)
- `.trigger` (Apex triggers)
- `schema.json`
How It Works
```
AI Coding Agent (Claude / Gemini / Copilot)
             │
             │ MCP Protocol (stdio)
             ▼
┌──────────────────────────┐
│ @squirex.dev/mcp-server  │ ← This package
│ 16 tools, 6 resources    │
│ 4 prompts                │
└────────────┬─────────────┘
             │ spawn
             ▼
┌──────────────────────────┐
│ squirex CLI              │
└────────────┬─────────────┘
             │ JSON IPC
             ▼
┌──────────────────────────┐
│ squireinterp             │
│ Go Execution Engine      │
│ 26 SAST Rules            │
└──────────────────────────┘
```

Requirements
- Node.js ≥ 18
- `squirex` CLI installed (or available via npx)
- A Salesforce project with Agentforce metadata
GitHub App Integration
For automated PR scanning, install the SquireX GitHub App — one-click setup, 26-rule scan on every pull request, SARIF in your Security tab.
| Plan | Public Repos | Private Repos | Price |
|---|---|---|---|
| Free | Unlimited | — | $0 |
| Enterprise | Unlimited | Unlimited | $1,000/repo/year |
License
Proprietary — See LICENSE.md
Copyright © 2026 SquireX. All Rights Reserved.
⚡ Built by SquireX — Securing the AI Agent Pipeline