
CLI

Insights and articles on CLI

The audit plugin has grown from 22 checks to 23, added four new threat surfaces, and gained a fully configurable scoring model. Here is what changed and why it matters.

TL;DR: New checks cover flows without sharing, hardcoded credentials, guest user access, and public group over-sharing. The scoring model is now fully configurable via --scoring-config. SOQL and Tooling queries live in JSON files outside the code.

Most Salesforce orgs are carrying security debt they don't know about. This plugin surfaces it in a single command.

TL;DR: Install @cclabsnz/sf-audit, run sf audit security --target-org <alias>, get an HTML report with a health score, a grade, and a prioritised list of findings.

© 2025 CloudCounsel Ltd. All rights reserved. Expert software development insights and consulting.