ai.smithery/kodey-ai-salesforce-mcp-minimal

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    361: 
    362:         // Set login URL
>>> 363:         (conn as any).loginUrl = process.env.SALESFORCE_LOGIN_URL || 'https://login.salesforce.com';
    364: 
    365:         try {

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    357:         console.log('Using username/password authentication');
    358:         const conn = new Connection({
>>> 359:           version: process.env.SALESFORCE_API_VERSION || '59.0'
    360:         });
    361: 

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    354: 
    355:       // Method 3: Use username/password flow
>>> 356:       if (process.env.SALESFORCE_USERNAME && process.env.SALESFORCE_PASSWORD) {
    357:         console.log('Using username/password authentication');
    358:         const conn = new Connection({

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    348:         // Set properties directly
    349:         (conn as any).instanceUrl = process.env.SALESFORCE_INSTANCE_URL;
>>> 350:         (conn as any).accessToken = process.env.SALESFORCE_ACCESS_TOKEN;
    351: 
    352:         return conn;

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    347: 
    348:         // Set properties directly
>>> 349:         (conn as any).instanceUrl = process.env.SALESFORCE_INSTANCE_URL;
    350:         (conn as any).accessToken = process.env.SALESFORCE_ACCESS_TOKEN;
    351: 

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    343:         console.log('Using access token authentication');
    344:         const conn = new Connection({
>>> 345:           version: process.env.SALESFORCE_API_VERSION || '59.0'
    346:         });
    347: 

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    340: 
    341:       // Method 2: Use access token if provided
>>> 342:       if (process.env.SALESFORCE_ACCESS_TOKEN && process.env.SALESFORCE_INSTANCE_URL) {
    343:         console.log('Using access token authentication');
    344:         const conn = new Connection({

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    5: ### Step 1: Set Up Salesforce Credentials
    6: 
>>> 7: Create a `.env` file in `packages/mcp/`:
    8: 
    9: ```bash

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    273: 
    274:         // Get org connection
>>> 275:         const org = orgUsername || process.env.SALESFORCE_ORG_USERNAME || 'DEFAULT_TARGET_ORG';
    276:         const connection = await this.getConnection(org, instanceUrl);
    277: 

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    249:           orgs: [{
    250:             username: process.env.SALESFORCE_USERNAME || 'DEFAULT_TARGET_ORG',
>>> 251:             instanceUrl: process.env.SALESFORCE_INSTANCE_URL || 'https://login.salesforce.com'
    252:           }]
    253:         });

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    248:           success: true,
    249:           orgs: [{
>>> 250:             username: process.env.SALESFORCE_USERNAME || 'DEFAULT_TARGET_ORG',
    251:             instanceUrl: process.env.SALESFORCE_INSTANCE_URL || 'https://login.salesforce.com'
    252:           }]

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    162: 
    163:         // Get org connection
>>> 164:         const org = orgUsername || process.env.SALESFORCE_ORG_USERNAME || 'DEFAULT_TARGET_ORG';
    165:         const connection = await this.getConnection(org, instanceUrl);
    166: 

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    126: 
    127:         // Get org connection
>>> 128:         const org = orgUsername || process.env.SALESFORCE_ORG_USERNAME || 'DEFAULT_TARGET_ORG';
    129:         const connection = await this.getConnection(org, instanceUrl);
    130: 

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    98:       res.json({
    99:         name: 'salesforce-mcp-server',
>>> 100:         version: process.env.npm_package_version || '0.21.2',
    101:         capabilities: {
    102:           tools: [

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    378: 2. ✅ Configure OAuth settings
    379: 3. ✅ Get Consumer Key and Secret
>>> 380: 4. ✅ Update .env with OAuth credentials
    381: 5. ✅ Test OAuth connection
    382: 6. ✅ Deploy to smithery.ai

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    315: - Upload server.crt
    316: 
>>> 317: 3. **Configure JWT in .env:**
    318: ```env
    319: SALESFORCE_JWT_KEY_FILE=./server.key

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    163: 
    164: ### 6.1 Password Flow (Simplest)
>>> 165: Already configured in your `.env`:
    166: ```env
    167: SALESFORCE_CLIENT_ID=your_consumer_key

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    76: 
    77: ### 4.1 Create .env file
>>> 78: Create a `.env` file in `packages/mcp/`:
    79: 
    80: ```env

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    89:         status: 'healthy',
    90:         server: 'salesforce-mcp-server',
>>> 91:         version: process.env.npm_package_version || '0.21.2',
    92:         timestamp: new Date().toISOString()
    93:       });

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    44:   constructor(services: Services, port: number = 3000) {
    45:     this.services = services;
>>> 46:     this.port = process.env.PORT ? parseInt(process.env.PORT) : port;
    47:     this.app = express();
    48:     this.setupMiddleware();

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    45:     else if (process.env.SALESFORCE_USERNAME && process.env.SALESFORCE_PASSWORD) {
    46:       const password = process.env.SALESFORCE_SECURITY_TOKEN
>>> 47:         ? process.env.SALESFORCE_PASSWORD + process.env.SALESFORCE_SECURITY_TOKEN
    48:         : process.env.SALESFORCE_PASSWORD;
    49:       await conn.login(process.env.SALESFORCE_USERNAME, password);

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    44:     // Try username/password
    45:     else if (process.env.SALESFORCE_USERNAME && process.env.SALESFORCE_PASSWORD) {
>>> 46:       const password = process.env.SALESFORCE_SECURITY_TOKEN
    47:         ? process.env.SALESFORCE_PASSWORD + process.env.SALESFORCE_SECURITY_TOKEN
    48:         : process.env.SALESFORCE_PASSWORD;

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    75: ## Step 4: Configure Your Local Environment
    76: 
>>> 77: ### 4.1 Create .env file
    78: Create a `.env` file in `packages/mcp/`:
    79: 

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    47:         ? process.env.SALESFORCE_PASSWORD + process.env.SALESFORCE_SECURITY_TOKEN
    48:         : process.env.SALESFORCE_PASSWORD;
>>> 49:       await conn.login(process.env.SALESFORCE_USERNAME, password);
    50:     } else {
    51:       throw new Error('No valid Salesforce authentication credentials provided');

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    43:     }
    44:     // Try username/password
>>> 45:     else if (process.env.SALESFORCE_USERNAME && process.env.SALESFORCE_PASSWORD) {
    46:       const password = process.env.SALESFORCE_SECURITY_TOKEN
    47:         ? process.env.SALESFORCE_PASSWORD + process.env.SALESFORCE_SECURITY_TOKEN

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    40:     else if (process.env.SALESFORCE_ACCESS_TOKEN && process.env.SALESFORCE_INSTANCE_URL) {
    41:       conn.accessToken = process.env.SALESFORCE_ACCESS_TOKEN;
>>> 42:       conn.instanceUrl = process.env.SALESFORCE_INSTANCE_URL;
    43:     }
    44:     // Try username/password

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    35:         process.env.SALESFORCE_CLIENT_SECRET &&
    36:         process.env.SALESFORCE_REFRESH_TOKEN) {
>>> 37:       await conn.oauth2.refreshToken(process.env.SALESFORCE_REFRESH_TOKEN);
    38:     }
    39:     // Try access token

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    39:     // Try access token
    40:     else if (process.env.SALESFORCE_ACCESS_TOKEN && process.env.SALESFORCE_INSTANCE_URL) {
>>> 41:       conn.accessToken = process.env.SALESFORCE_ACCESS_TOKEN;
    42:       conn.instanceUrl = process.env.SALESFORCE_INSTANCE_URL;
    43:     }

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    34:     if (process.env.SALESFORCE_CLIENT_ID &&
    35:         process.env.SALESFORCE_CLIENT_SECRET &&
>>> 36:         process.env.SALESFORCE_REFRESH_TOKEN) {
    37:       await conn.oauth2.refreshToken(process.env.SALESFORCE_REFRESH_TOKEN);
    38:     }

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    21:   stdio: 'inherit',
    22:   env: {
>>> 23:     ...process.env,
    24:     NODE_ENV: 'production'
    25:   }

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    37:       content: [{
    38:         type: 'text',
>>> 39:         text: `Query: ${query}\nResults: Connected to ${process.env.SALESFORCE_USERNAME || 'zot.my.salesforce.com'}`
    40:       }]
    41:     };

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    384: `;
    385: 
>>> 386:   const envFile = path.join(__dirname, '.env.oauth');
    387:   await fs.writeFile(envFile, envContent);
    388:   console.log(`✅ Environment variables saved to ${envFile}`);

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    131: ## 🔒 Security Notes
    132: 
>>> 133: - Never commit `.env` file to git
    134: - Keep your Consumer Secret safe
    135: - Tokens expire - the server handles refresh automatically

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    49:    ```
    50: 
>>> 51: 2. Edit `.env` and add your credentials:
    52:    ```env
    53:    # OAuth Credentials (from Step 2)

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    376:   console.log(`\n✅ Tokens saved to ${tokensFile}`);
    377: 
>>> 378:   // Also update .env file format
    379:   const envContent = `
    380: # OAuth Tokens (Generated ${new Date().toISOString()})

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    326:       <ol>
    327:         <li>Copy the environment variables above</li>
>>> 328:         <li>Add them to your .env file or smithery.ai dashboard</li>
    329:         <li>Run: <code>node test-oauth-connection.js</code> to test</li>
    330:         <li>Deploy to smithery.ai: <code>./deploy-smithery.sh</code></li>

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    46:    ```bash
    47:    cd packages/mcp
>>> 48:    cp .env.example .env
    49:    ```
    50: 

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    43: ## Step 3: Configure Your Project (1 minute)
    44: 
>>> 45: 1. Create your `.env` file:
    46:    ```bash
    47:    cd packages/mcp

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    50: .env.local
    51: .env.production
>>> 52: .env.oauth
    53: .salesforce-config.json
    54: .oauth-tokens.json

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    49: .env.*
    50: .env.local
>>> 51: .env.production
    52: .env.oauth
    53: .salesforce-config.json

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    48: .env
    49: .env.*
>>> 50: .env.local
    51: .env.production
    52: .env.oauth

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    47: # Environment and credential files
    48: .env
>>> 49: .env.*
    50: .env.local
    51: .env.production

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    46: 
    47: # Environment and credential files
>>> 48: .env
    49: .env.*
    50: .env.local

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    30:   // 2. path to mcp bin via SF_MCP_SERVER_BIN env var
    31:   // 3. use the `sf-mcp-server` bin available in $PATH
>>> 32:   const command = options.command ?? process.env.SF_MCP_SERVER_BIN ?? 'sf-mcp-server'
    33: 
    34:   return new StdioClientTransport({

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    452:     instanceUrl: process.env.SALESFORCE_INSTANCE_URL,
    453:     accessToken: process.env.SALESFORCE_ACCESS_TOKEN,
>>> 454:     loginUrl: process.env.SALESFORCE_LOGIN_URL || 'https://login.salesforce.com',
    455:   };
    456: 

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    451:     securityToken: process.env.SALESFORCE_SECURITY_TOKEN,
    452:     instanceUrl: process.env.SALESFORCE_INSTANCE_URL,
>>> 453:     accessToken: process.env.SALESFORCE_ACCESS_TOKEN,
    454:     loginUrl: process.env.SALESFORCE_LOGIN_URL || 'https://login.salesforce.com',
    455:   };

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    450:     password: process.env.SALESFORCE_PASSWORD,
    451:     securityToken: process.env.SALESFORCE_SECURITY_TOKEN,
>>> 452:     instanceUrl: process.env.SALESFORCE_INSTANCE_URL,
    453:     accessToken: process.env.SALESFORCE_ACCESS_TOKEN,
    454:     loginUrl: process.env.SALESFORCE_LOGIN_URL || 'https://login.salesforce.com',

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    33:     // Try OAuth first
    34:     if (process.env.SALESFORCE_CLIENT_ID &&
>>> 35:         process.env.SALESFORCE_CLIENT_SECRET &&
    36:         process.env.SALESFORCE_REFRESH_TOKEN) {
    37:       await conn.oauth2.refreshToken(process.env.SALESFORCE_REFRESH_TOKEN);

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    315: 
    316:       <div class="env">
>>> 317:         <h3>Add these to your .env file (or smithery.ai environment):</h3>
    318:         <div class="code">
    319: SALESFORCE_ACCESS_TOKEN=${tokens.access_token}

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    299:         .success { background: #e7f5e7; padding: 20px; border-radius: 4px; }
    300:         .code { background: #f4f4f4; padding: 15px; border-radius: 4px; font-family: monospace; overflow-x: auto; }
>>> 301:         .env { background: #fff3cd; padding: 15px; border-radius: 4px; }
    302:       </style>
    303:     </head>

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    32: 
    33:     // Try OAuth first
>>> 34:     if (process.env.SALESFORCE_CLIENT_ID &&
    35:         process.env.SALESFORCE_CLIENT_SECRET &&
    36:         process.env.SALESFORCE_REFRESH_TOKEN) {

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    21:       // Use existing token
    22:       conn.accessToken = process.env.SALESFORCE_ACCESS_TOKEN;
>>> 23:       conn.instanceUrl = process.env.SALESFORCE_INSTANCE_URL;
    24:     } else if (process.env.SALESFORCE_USERNAME && process.env.SALESFORCE_PASSWORD) {
    25:       // Login with credentials

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    20:     if (process.env.SALESFORCE_ACCESS_TOKEN && process.env.SALESFORCE_INSTANCE_URL) {
    21:       // Use existing token
>>> 22:       conn.accessToken = process.env.SALESFORCE_ACCESS_TOKEN;
    23:       conn.instanceUrl = process.env.SALESFORCE_INSTANCE_URL;
    24:     } else if (process.env.SALESFORCE_USERNAME && process.env.SALESFORCE_PASSWORD) {

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    18:     });
    19: 
>>> 20:     if (process.env.SALESFORCE_ACCESS_TOKEN && process.env.SALESFORCE_INSTANCE_URL) {
    21:       // Use existing token
    22:       conn.accessToken = process.env.SALESFORCE_ACCESS_TOKEN;

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    27:   try {
    28:     const conn = new jsforce.Connection({
>>> 29:       loginUrl: process.env.SALESFORCE_LOGIN_URL || 'https://login.salesforce.com',
    30:       version: '59.0'
    31:     });

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    18: ├── README.md            # Documentation
    19: ├── .gitignore           # Git ignore file
>>> 20: ├── .env.example         # Example environment variables
    21: ├── test-local.sh        # Local testing script
    22: └── deploy.md            # Deployment guide

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    9: .env
    10: .env.local
>>> 11: .env.*.local
    12: 
    13: # IDE

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    207:       client_secret: oauth2Config.clientSecret,
    208:       username: process.env.SALESFORCE_USERNAME,
>>> 209:       password: process.env.SALESFORCE_PASSWORD
    210:     });
    211: 

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    8: # Environment files
    9: .env
>>> 10: .env.local
    11: .env.*.local
    12: 

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    7: 
    8: # Environment files
>>> 9: .env
    10: .env.local
    11: .env.*.local

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    206:       client_id: oauth2Config.clientId,
    207:       client_secret: oauth2Config.clientSecret,
>>> 208:       username: process.env.SALESFORCE_USERNAME,
    209:       password: process.env.SALESFORCE_PASSWORD
    210:     });

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    193:       <html><body>
    194:         <h1>❌ Missing Credentials</h1>
>>> 195:         <p>Please add SALESFORCE_USERNAME and SALESFORCE_PASSWORD to your .env file</p>
    196:         <a href="/">Back</a>
    197:       </body></html>

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    26:     instanceUrl: process.env.SALESFORCE_INSTANCE_URL,
    27:     accessToken: process.env.SALESFORCE_ACCESS_TOKEN,
>>> 28:     loginUrl: process.env.SALESFORCE_LOGIN_URL || 'https://login.salesforce.com'
    29:   };
    30: 

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    25:     securityToken: process.env.SALESFORCE_SECURITY_TOKEN,
    26:     instanceUrl: process.env.SALESFORCE_INSTANCE_URL,
>>> 27:     accessToken: process.env.SALESFORCE_ACCESS_TOKEN,
    28:     loginUrl: process.env.SALESFORCE_LOGIN_URL || 'https://login.salesforce.com'
    29:   };

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    24:     password: process.env.SALESFORCE_PASSWORD,
    25:     securityToken: process.env.SALESFORCE_SECURITY_TOKEN,
>>> 26:     instanceUrl: process.env.SALESFORCE_INSTANCE_URL,
    27:     accessToken: process.env.SALESFORCE_ACCESS_TOKEN,
    28:     loginUrl: process.env.SALESFORCE_LOGIN_URL || 'https://login.salesforce.com'

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    23:     username: process.env.SALESFORCE_USERNAME,
    24:     password: process.env.SALESFORCE_PASSWORD,
>>> 25:     securityToken: process.env.SALESFORCE_SECURITY_TOKEN,
    26:     instanceUrl: process.env.SALESFORCE_INSTANCE_URL,
    27:     accessToken: process.env.SALESFORCE_ACCESS_TOKEN,

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    14:   try {
    15:     const conn = new jsforce.Connection({
>>> 16:       loginUrl: process.env.SALESFORCE_LOGIN_URL || 'https://login.salesforce.com',
    17:       version: '59.0'
    18:     });

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    19:   await conn.login(
    20:     process.env.SALESFORCE_USERNAME,
>>> 21:     process.env.SALESFORCE_PASSWORD
    22:   );
    23: 

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    18: 
    19:   await conn.login(
>>> 20:     process.env.SALESFORCE_USERNAME,
    21:     process.env.SALESFORCE_PASSWORD
    22:   );

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    189: // Password flow authentication
    190: app.get('/auth/password', async (req, res) => {
>>> 191:   if (!process.env.SALESFORCE_USERNAME || !process.env.SALESFORCE_PASSWORD) {
    192:     res.send(`
    193:       <html><body>

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    87: 
    88:         <h3>2. Username/Password Flow</h3>
>>> 89:         <p>Quick setup using your credentials from .env file.</p>
    90:         <a href="/auth/password" class="button">Use Password Flow</a>
    91: 

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    47:   clientSecret: process.env.SALESFORCE_CLIENT_SECRET,
    48:   redirectUri: `http://localhost:${PORT}/oauth/callback`,
>>> 49:   loginUrl: process.env.SALESFORCE_LOGIN_URL || 'https://login.salesforce.com'
    50: };
    51: 

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    45: const oauth2Config = {
    46:   clientId: process.env.SALESFORCE_CLIENT_ID,
>>> 47:   clientSecret: process.env.SALESFORCE_CLIENT_SECRET,
    48:   redirectUri: `http://localhost:${PORT}/oauth/callback`,
    49:   loginUrl: process.env.SALESFORCE_LOGIN_URL || 'https://login.salesforce.com'

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    44: // Configure OAuth2 settings
    45: const oauth2Config = {
>>> 46:   clientId: process.env.SALESFORCE_CLIENT_ID,
    47:   clientSecret: process.env.SALESFORCE_CLIENT_SECRET,
    48:   redirectUri: `http://localhost:${PORT}/oauth/callback`,

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    22:     refreshToken: process.env.SALESFORCE_REFRESH_TOKEN,
    23:     username: process.env.SALESFORCE_USERNAME,
>>> 24:     password: process.env.SALESFORCE_PASSWORD,
    25:     securityToken: process.env.SALESFORCE_SECURITY_TOKEN,
    26:     instanceUrl: process.env.SALESFORCE_INSTANCE_URL,

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    21:     clientSecret: process.env.SALESFORCE_CLIENT_SECRET,
    22:     refreshToken: process.env.SALESFORCE_REFRESH_TOKEN,
>>> 23:     username: process.env.SALESFORCE_USERNAME,
    24:     password: process.env.SALESFORCE_PASSWORD,
    25:     securityToken: process.env.SALESFORCE_SECURITY_TOKEN,

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    14: async function getConnection() {
    15:   const conn = new jsforce.Connection({
>>> 16:     loginUrl: process.env.SALESFORCE_LOGIN_URL || 'https://login.salesforce.com'
    17:   });
    18: 

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    5:   process.env.SF_LOG_COLORIZE = 'false';
    6:   process.env.SF_LOG_STDERR = 'true';
>>> 7:   process.env.SF_LOG_LEVEL = 'trace';
    8: }
    9: 

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    20:     clientId: process.env.SALESFORCE_CLIENT_ID,
    21:     clientSecret: process.env.SALESFORCE_CLIENT_SECRET,
>>> 22:     refreshToken: process.env.SALESFORCE_REFRESH_TOKEN,
    23:     username: process.env.SALESFORCE_USERNAME,
    24:     password: process.env.SALESFORCE_PASSWORD,

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    19:   const config = {
    20:     clientId: process.env.SALESFORCE_CLIENT_ID,
>>> 21:     clientSecret: process.env.SALESFORCE_CLIENT_SECRET,
    22:     refreshToken: process.env.SALESFORCE_REFRESH_TOKEN,
    23:     username: process.env.SALESFORCE_USERNAME,

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    126:       console.log('2. Go to Settings → My Personal Information → Reset My Security Token');
    127:       console.log('3. Check your email for the new token');
>>> 128:       console.log('4. Append it to your password in the .env file');
    129:     } else if (error.message.includes('UNABLE_TO_LOCK_ROW')) {
    130:       console.log('\n💡 The org is busy. Please try again in a few moments.');

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    106:       username: process.env.SALESFORCE_USERNAME,
    107:       loginUrl: process.env.SALESFORCE_LOGIN_URL || 'https://login.salesforce.com',
>>> 108:       apiVersion: process.env.SALESFORCE_API_VERSION || '59.0',
    109:       timestamp: new Date().toISOString()
    110:     }, null, 2));

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    35: if (!process.env.SALESFORCE_CLIENT_ID || !process.env.SALESFORCE_CLIENT_SECRET) {
    36:   console.error('❌ Missing OAuth credentials in .env file!');
>>> 37:   console.log('\nPlease add these to your .env file:');
    38:   console.log('SALESFORCE_CLIENT_ID=your_consumer_key');
    39:   console.log('SALESFORCE_CLIENT_SECRET=your_consumer_secret');

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    34: // Check for required environment variables
    35: if (!process.env.SALESFORCE_CLIENT_ID || !process.env.SALESFORCE_CLIENT_SECRET) {
>>> 36:   console.error('❌ Missing OAuth credentials in .env file!');
    37:   console.log('\nPlease add these to your .env file:');
    38:   console.log('SALESFORCE_CLIENT_ID=your_consumer_key');

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    33: 
    34: // Check for required environment variables
>>> 35: if (!process.env.SALESFORCE_CLIENT_ID || !process.env.SALESFORCE_CLIENT_SECRET) {
    36:   console.error('❌ Missing OAuth credentials in .env file!');
    37:   console.log('\nPlease add these to your .env file:');

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    18: 
    19: // Load environment variables
>>> 20: dotenv.config({ path: path.join(__dirname, '.env') });
    21: 
    22: const app = express();

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    32:     content: [{
    33:       type: 'text',
>>> 34:       text: `SOQL: ${query}\nOrg: ${process.env.SALESFORCE_USERNAME || 'maya@ecotoreda.com'}`
    35:     }]
    36:   };

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    26:       await conn.login(
    27:         process.env.SALESFORCE_USERNAME,
>>> 28:         process.env.SALESFORCE_PASSWORD
    29:       );
    30:     }

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    4:   process.env.DEBUG = 'sf*';
    5:   process.env.SF_LOG_COLORIZE = 'false';
>>> 6:   process.env.SF_LOG_STDERR = 'true';
    7:   process.env.SF_LOG_LEVEL = 'trace';
    8: }

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    3: if (process.argv.includes('--debug')) {
    4:   process.env.DEBUG = 'sf*';
>>> 5:   process.env.SF_LOG_COLORIZE = 'false';
    6:   process.env.SF_LOG_STDERR = 'true';
    7:   process.env.SF_LOG_LEVEL = 'trace';

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    2: 
    3: if (process.argv.includes('--debug')) {
>>> 4:   process.env.DEBUG = 'sf*';
    5:   process.env.SF_LOG_COLORIZE = 'false';
    6:   process.env.SF_LOG_STDERR = 'true';

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    138:     await conn.login(
    139:       process.env.SALESFORCE_USERNAME,
>>> 140:       process.env.SALESFORCE_PASSWORD
    141:     );
    142: 

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    137: 
    138:     await conn.login(
>>> 139:       process.env.SALESFORCE_USERNAME,
    140:       process.env.SALESFORCE_PASSWORD
    141:     );

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    449:     username: process.env.SALESFORCE_USERNAME,
    450:     password: process.env.SALESFORCE_PASSWORD,
>>> 451:     securityToken: process.env.SALESFORCE_SECURITY_TOKEN,
    452:     instanceUrl: process.env.SALESFORCE_INSTANCE_URL,
    453:     accessToken: process.env.SALESFORCE_ACCESS_TOKEN,

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    448:     refreshToken: process.env.SALESFORCE_REFRESH_TOKEN,
    449:     username: process.env.SALESFORCE_USERNAME,
>>> 450:     password: process.env.SALESFORCE_PASSWORD,
    451:     securityToken: process.env.SALESFORCE_SECURITY_TOKEN,
    452:     instanceUrl: process.env.SALESFORCE_INSTANCE_URL,

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    447:     clientSecret: process.env.SALESFORCE_CLIENT_SECRET,
    448:     refreshToken: process.env.SALESFORCE_REFRESH_TOKEN,
>>> 449:     username: process.env.SALESFORCE_USERNAME,
    450:     password: process.env.SALESFORCE_PASSWORD,
    451:     securityToken: process.env.SALESFORCE_SECURITY_TOKEN,

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    133:   if (process.env.SALESFORCE_USERNAME && process.env.SALESFORCE_PASSWORD) {
    134:     const conn = new Connection({
>>> 135:       loginUrl: process.env.SALESFORCE_LOGIN_URL || 'https://login.salesforce.com'
    136:     });
    137: 

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    131: 
    132:   // Method 3: Using username/password flow
>>> 133:   if (process.env.SALESFORCE_USERNAME && process.env.SALESFORCE_PASSWORD) {
    134:     const conn = new Connection({
    135:       loginUrl: process.env.SALESFORCE_LOGIN_URL || 'https://login.salesforce.com'

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    125:     return new Connection({
    126:       instanceUrl: process.env.SALESFORCE_INSTANCE_URL,
>>> 127:       accessToken: process.env.SALESFORCE_ACCESS_TOKEN,
    128:       version: '59.0'
    129:     });

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    124:   if (process.env.SALESFORCE_ACCESS_TOKEN && process.env.SALESFORCE_INSTANCE_URL) {
    125:     return new Connection({
>>> 126:       instanceUrl: process.env.SALESFORCE_INSTANCE_URL,
    127:       accessToken: process.env.SALESFORCE_ACCESS_TOKEN,
    128:       version: '59.0'

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    25:       // Login with credentials
    26:       await conn.login(
>>> 27:         process.env.SALESFORCE_USERNAME,
    28:         process.env.SALESFORCE_PASSWORD
    29:       );

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    22:       conn.accessToken = process.env.SALESFORCE_ACCESS_TOKEN;
    23:       conn.instanceUrl = process.env.SALESFORCE_INSTANCE_URL;
>>> 24:     } else if (process.env.SALESFORCE_USERNAME && process.env.SALESFORCE_PASSWORD) {
    25:       // Login with credentials
    26:       await conn.login(

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    105:       instanceUrl: conn.instanceUrl,
    106:       username: process.env.SALESFORCE_USERNAME,
>>> 107:       loginUrl: process.env.SALESFORCE_LOGIN_URL || 'https://login.salesforce.com',
    108:       apiVersion: process.env.SALESFORCE_API_VERSION || '59.0',
    109:       timestamp: new Date().toISOString()

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    104:     await fs.writeFile(configPath, JSON.stringify({
    105:       instanceUrl: conn.instanceUrl,
>>> 106:       username: process.env.SALESFORCE_USERNAME,
    107:       loginUrl: process.env.SALESFORCE_LOGIN_URL || 'https://login.salesforce.com',
    108:       apiVersion: process.env.SALESFORCE_API_VERSION || '59.0',

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    72:       await conn.login(
    73:         process.env.SALESFORCE_USERNAME,
>>> 74:         process.env.SALESFORCE_PASSWORD
    75:       );
    76:     }

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    71:       console.log('\n🔐 Attempting to login...');
    72:       await conn.login(
>>> 73:         process.env.SALESFORCE_USERNAME,
    74:         process.env.SALESFORCE_PASSWORD
    75:       );

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    64:         conn.oauth2 = {
    65:           clientId: process.env.SALESFORCE_CLIENT_ID,
>>> 66:           clientSecret: process.env.SALESFORCE_CLIENT_SECRET,
    67:           redirectUri: 'http://localhost:3000/oauth/callback'
    68:         };

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    446:     clientId: process.env.SALESFORCE_CLIENT_ID,
    447:     clientSecret: process.env.SALESFORCE_CLIENT_SECRET,
>>> 448:     refreshToken: process.env.SALESFORCE_REFRESH_TOKEN,
    449:     username: process.env.SALESFORCE_USERNAME,
    450:     password: process.env.SALESFORCE_PASSWORD,

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    63:         console.log('   Using Connected App credentials');
    64:         conn.oauth2 = {
>>> 65:           clientId: process.env.SALESFORCE_CLIENT_ID,
    66:           clientSecret: process.env.SALESFORCE_CLIENT_SECRET,
    67:           redirectUri: 'http://localhost:3000/oauth/callback'

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    60: 
    61:       // Add OAuth2 if client credentials are provided
>>> 62:       if (process.env.SALESFORCE_CLIENT_ID && process.env.SALESFORCE_CLIENT_SECRET) {
    63:         console.log('   Using Connected App credentials');
    64:         conn.oauth2 = {

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    56:       conn = new Connection({
    57:         loginUrl: process.env.SALESFORCE_LOGIN_URL || 'https://login.salesforce.com',
>>> 58:         version: process.env.SALESFORCE_API_VERSION || '59.0'
    59:       });
    60: 

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    55: 
    56:       conn = new Connection({
>>> 57:         loginUrl: process.env.SALESFORCE_LOGIN_URL || 'https://login.salesforce.com',
    58:         version: process.env.SALESFORCE_API_VERSION || '59.0'
    59:       });

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    52:       console.log('📌 Using Username/Password authentication...');
    53:       console.log(`   Username: ${process.env.SALESFORCE_USERNAME}`);
>>> 54:       console.log(`   Login URL: ${process.env.SALESFORCE_LOGIN_URL || 'https://login.salesforce.com'}`);
    55: 
    56:       conn = new Connection({

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    51:     else if (process.env.SALESFORCE_USERNAME && process.env.SALESFORCE_PASSWORD) {
    52:       console.log('📌 Using Username/Password authentication...');
>>> 53:       console.log(`   Username: ${process.env.SALESFORCE_USERNAME}`);
    54:       console.log(`   Login URL: ${process.env.SALESFORCE_LOGIN_URL || 'https://login.salesforce.com'}`);
    55: 

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    49:     }
    50:     // Method 2: Username/Password Authentication
>>> 51:     else if (process.env.SALESFORCE_USERNAME && process.env.SALESFORCE_PASSWORD) {
    52:       console.log('📌 Using Username/Password authentication...');
    53:       console.log(`   Username: ${process.env.SALESFORCE_USERNAME}`);

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    18: async function getSalesforceConnection() {
    19:   const config = {
>>> 20:     clientId: process.env.SALESFORCE_CLIENT_ID,
    21:     clientSecret: process.env.SALESFORCE_CLIENT_SECRET,
    22:     refreshToken: process.env.SALESFORCE_REFRESH_TOKEN,

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    445:   const envConfig = {
    446:     clientId: process.env.SALESFORCE_CLIENT_ID,
>>> 447:     clientSecret: process.env.SALESFORCE_CLIENT_SECRET,
    448:     refreshToken: process.env.SALESFORCE_REFRESH_TOKEN,
    449:     username: process.env.SALESFORCE_USERNAME,

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    444:   // Create config from environment variables for local testing
    445:   const envConfig = {
>>> 446:     clientId: process.env.SALESFORCE_CLIENT_ID,
    447:     clientSecret: process.env.SALESFORCE_CLIENT_SECRET,
    448:     refreshToken: process.env.SALESFORCE_REFRESH_TOKEN,

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    45:         instanceUrl: process.env.SALESFORCE_INSTANCE_URL,
    46:         accessToken: process.env.SALESFORCE_ACCESS_TOKEN,
>>> 47:         version: process.env.SALESFORCE_API_VERSION || '59.0'
    48:       });
    49:     }

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    44:       conn = new Connection({
    45:         instanceUrl: process.env.SALESFORCE_INSTANCE_URL,
>>> 46:         accessToken: process.env.SALESFORCE_ACCESS_TOKEN,
    47:         version: process.env.SALESFORCE_API_VERSION || '59.0'
    48:       });

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    38:     }
    39:     // Try access token
>>> 40:     else if (process.env.SALESFORCE_ACCESS_TOKEN && process.env.SALESFORCE_INSTANCE_URL) {
    41:       conn.accessToken = process.env.SALESFORCE_ACCESS_TOKEN;
    42:       conn.instanceUrl = process.env.SALESFORCE_INSTANCE_URL;

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    122: 
    123:   // Method 2: Using access token
>>> 124:   if (process.env.SALESFORCE_ACCESS_TOKEN && process.env.SALESFORCE_INSTANCE_URL) {
    125:     return new Connection({
    126:       instanceUrl: process.env.SALESFORCE_INSTANCE_URL,

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    117:   // Method 1: Using existing CLI authentication
    118:   if (process.env.SALESFORCE_ORG_USERNAME) {
>>> 119:     const authInfo = await AuthInfo.create({ username: process.env.SALESFORCE_ORG_USERNAME });
    120:     return await Connection.create({ authInfo });
    121:   }

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    43:       console.log('📌 Using Access Token authentication...');
    44:       conn = new Connection({
>>> 45:         instanceUrl: process.env.SALESFORCE_INSTANCE_URL,
    46:         accessToken: process.env.SALESFORCE_ACCESS_TOKEN,
    47:         version: process.env.SALESFORCE_API_VERSION || '59.0'

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    40: 
    41:     // Method 1: Access Token Authentication
>>> 42:     if (process.env.SALESFORCE_ACCESS_TOKEN && process.env.SALESFORCE_INSTANCE_URL) {
    43:       console.log('📌 Using Access Token authentication...');
    44:       conn = new Connection({

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    20: const CLIENT_ID = process.argv[2] || process.env.SALESFORCE_CLIENT_ID;
    21: const CLIENT_SECRET = process.argv[3] || process.env.SALESFORCE_CLIENT_SECRET;
>>> 22: const LOGIN_URL = process.argv[4] || process.env.SALESFORCE_LOGIN_URL || 'https://login.salesforce.com';
    23: 
    24: if (!CLIENT_ID || !CLIENT_SECRET) {

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    19: // Get credentials from command line or environment
    20: const CLIENT_ID = process.argv[2] || process.env.SALESFORCE_CLIENT_ID;
>>> 21: const CLIENT_SECRET = process.argv[3] || process.env.SALESFORCE_CLIENT_SECRET;
    22: const LOGIN_URL = process.argv[4] || process.env.SALESFORCE_LOGIN_URL || 'https://login.salesforce.com';
    23: 

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    18: 
    19: // Get credentials from command line or environment
>>> 20: const CLIENT_ID = process.argv[2] || process.env.SALESFORCE_CLIENT_ID;
    21: const CLIENT_SECRET = process.argv[3] || process.env.SALESFORCE_CLIENT_SECRET;
    22: const LOGIN_URL = process.argv[4] || process.env.SALESFORCE_LOGIN_URL || 'https://login.salesforce.com';

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    53: 
    54: # Smithery environment variables and build artifacts
>>> 55: .smithery/.env
    56: .smithery/index.mjs

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    25:       console.error('❌ No Salesforce credentials found!');
    26:       console.log('\nPlease set up your credentials:');
>>> 27:       console.log('1. Copy .env.example to .env');
    28:       console.log('2. Fill in your Salesforce credentials');
    29:       console.log('3. Run this script again\n');

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    22:   try {
    23:     // Check which authentication method is configured
>>> 24:     if (!process.env.SALESFORCE_USERNAME && !process.env.SALESFORCE_ACCESS_TOKEN) {
    25:       console.error('❌ No Salesforce credentials found!');
    26:       console.log('\nPlease set up your credentials:');

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    15: 
    16: // Load environment variables
>>> 17: dotenv.config({ path: path.join(__dirname, '.env') });
    18: 
    19: console.log('🔍 Testing Salesforce Connection...\n');

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    211:       instanceUrl: conn.instanceUrl,
    212:       hasRefreshToken: !!conn.refreshToken,
>>> 213:       clientId: process.env.SALESFORCE_CLIENT_ID,
    214:       testPassed: true,
    215:       timestamp: new Date().toISOString()

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    195:     console.log('Authentication Method:', authMethod);
    196:     console.log('Instance URL:', conn.instanceUrl);
>>> 197:     console.log('OAuth Client ID:', process.env.SALESFORCE_CLIENT_ID?.substring(0, 15) + '...');
    198:     console.log('Has Refresh Token:', conn.refreshToken ? 'Yes' : 'No');
    199:     console.log('=' .repeat(50));

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    118:       console.log('\n📋 Setup Instructions:');
    119:       console.log('\n1. First, create a Connected App in Salesforce (see OAUTH_SETUP_GUIDE.md)');
>>> 120:       console.log('\n2. Add these to your .env file:');
    121:       console.log('   SALESFORCE_CLIENT_ID=your_consumer_key');
    122:       console.log('   SALESFORCE_CLIENT_SECRET=your_consumer_secret');

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    116: private async getAuthenticatedConnection(): Promise<SFConnection> {
    117:   // Method 1: Using existing CLI authentication
>>> 118:   if (process.env.SALESFORCE_ORG_USERNAME) {
    119:     const authInfo = await AuthInfo.create({ username: process.env.SALESFORCE_ORG_USERNAME });
    120:     return await Connection.create({ authInfo });

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    79: ### For Local Development
    80: 
>>> 81: Create a `.env` file in `packages/mcp/`:
    82: ```env
    83: # Salesforce Authentication

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    104: ## 🔒 Security Tips
    105: 
>>> 106: 1. Never commit `.env` file to git
    107: 2. Use a dedicated Salesforce user for integration
    108: 3. Set minimum required permissions

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    106:             oauth2: {
    107:               clientId: process.env.SALESFORCE_CLIENT_ID,
>>> 108:               clientSecret: process.env.SALESFORCE_CLIENT_SECRET
    109:             },
    110:             version: '59.0'

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    105:             refreshToken: tokens.refresh_token,
    106:             oauth2: {
>>> 107:               clientId: process.env.SALESFORCE_CLIENT_ID,
    108:               clientSecret: process.env.SALESFORCE_CLIENT_SECRET
    109:             },

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    77:           client_secret: process.env.SALESFORCE_CLIENT_SECRET,
    78:           username: process.env.SALESFORCE_USERNAME,
>>> 79:           password: process.env.SALESFORCE_PASSWORD
    80:         });
    81: 

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    76:           client_id: process.env.SALESFORCE_CLIENT_ID,
    77:           client_secret: process.env.SALESFORCE_CLIENT_SECRET,
>>> 78:           username: process.env.SALESFORCE_USERNAME,
    79:           password: process.env.SALESFORCE_PASSWORD
    80:         });

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    46:       const password = process.env.SALESFORCE_SECURITY_TOKEN
    47:         ? process.env.SALESFORCE_PASSWORD + process.env.SALESFORCE_SECURITY_TOKEN
>>> 48:         : process.env.SALESFORCE_PASSWORD;
    49:       await conn.login(process.env.SALESFORCE_USERNAME, password);
    50:     } else {

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    75:           grant_type: 'password',
    76:           client_id: process.env.SALESFORCE_CLIENT_ID,
>>> 77:           client_secret: process.env.SALESFORCE_CLIENT_SECRET,
    78:           username: process.env.SALESFORCE_USERNAME,
    79:           password: process.env.SALESFORCE_PASSWORD

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    74:         const params = new URLSearchParams({
    75:           grant_type: 'password',
>>> 76:           client_id: process.env.SALESFORCE_CLIENT_ID,
    77:           client_secret: process.env.SALESFORCE_CLIENT_SECRET,
    78:           username: process.env.SALESFORCE_USERNAME,

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    71:         authMethod = 'OAuth2 Password Flow';
    72: 
>>> 73:         const tokenUrl = `${process.env.SALESFORCE_LOGIN_URL || 'https://login.salesforce.com'}/services/oauth2/token`;
    74:         const params = new URLSearchParams({
    75:           grant_type: 'password',

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    68:       if (process.env.SALESFORCE_USERNAME && process.env.SALESFORCE_PASSWORD) {
    69:         console.log('📌 Using OAuth2 Password Flow');
>>> 70:         console.log(`   Client ID: ${process.env.SALESFORCE_CLIENT_ID.substring(0, 15)}...`);
    71:         authMethod = 'OAuth2 Password Flow';
    72: 

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    66:     // Method 3: OAuth2 Password Flow
    67:     if (!conn && process.env.SALESFORCE_CLIENT_ID && process.env.SALESFORCE_CLIENT_SECRET) {
>>> 68:       if (process.env.SALESFORCE_USERNAME && process.env.SALESFORCE_PASSWORD) {
    69:         console.log('📌 Using OAuth2 Password Flow');
    70:         console.log(`   Client ID: ${process.env.SALESFORCE_CLIENT_ID.substring(0, 15)}...`);

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    60: 
    61: # When prompted:
>>> 62: # 1. Enter the same credentials from your .env
    63: # 2. Choose option 1 (Smithery CLI deployment)
    64: ```

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    12: 
    13: # Edit with your credentials
>>> 14: nano .env
    15: ```
    16: 

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    65: 
    66:     // Method 3: OAuth2 Password Flow
>>> 67:     if (!conn && process.env.SALESFORCE_CLIENT_ID && process.env.SALESFORCE_CLIENT_SECRET) {
    68:       if (process.env.SALESFORCE_USERNAME && process.env.SALESFORCE_PASSWORD) {
    69:         console.log('📌 Using OAuth2 Password Flow');

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    58:         oauth2: process.env.SALESFORCE_REFRESH_TOKEN ? {
    59:           clientId: process.env.SALESFORCE_CLIENT_ID,
>>> 60:           clientSecret: process.env.SALESFORCE_CLIENT_SECRET
    61:         } : undefined,
    62:         version: '59.0'

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    57:         refreshToken: process.env.SALESFORCE_REFRESH_TOKEN,
    58:         oauth2: process.env.SALESFORCE_REFRESH_TOKEN ? {
>>> 59:           clientId: process.env.SALESFORCE_CLIENT_ID,
    60:           clientSecret: process.env.SALESFORCE_CLIENT_SECRET
    61:         } : undefined,

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    56:         accessToken: process.env.SALESFORCE_ACCESS_TOKEN,
    57:         refreshToken: process.env.SALESFORCE_REFRESH_TOKEN,
>>> 58:         oauth2: process.env.SALESFORCE_REFRESH_TOKEN ? {
    59:           clientId: process.env.SALESFORCE_CLIENT_ID,
    60:           clientSecret: process.env.SALESFORCE_CLIENT_SECRET

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    55:         instanceUrl: process.env.SALESFORCE_INSTANCE_URL,
    56:         accessToken: process.env.SALESFORCE_ACCESS_TOKEN,
>>> 57:         refreshToken: process.env.SALESFORCE_REFRESH_TOKEN,
    58:         oauth2: process.env.SALESFORCE_REFRESH_TOKEN ? {
    59:           clientId: process.env.SALESFORCE_CLIENT_ID,

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    54:       conn = new Connection({
    55:         instanceUrl: process.env.SALESFORCE_INSTANCE_URL,
>>> 56:         accessToken: process.env.SALESFORCE_ACCESS_TOKEN,
    57:         refreshToken: process.env.SALESFORCE_REFRESH_TOKEN,
    58:         oauth2: process.env.SALESFORCE_REFRESH_TOKEN ? {

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    9: ```bash
    10: # Copy the template
>>> 11: cp .env.example .env
    12: 
    13: # Edit with your credentials

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    53:       authMethod = 'Environment Variables (Access Token)';
    54:       conn = new Connection({
>>> 55:         instanceUrl: process.env.SALESFORCE_INSTANCE_URL,
    56:         accessToken: process.env.SALESFORCE_ACCESS_TOKEN,
    57:         refreshToken: process.env.SALESFORCE_REFRESH_TOKEN,

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    49: 
    50:     // Method 2: Use environment variables with OAuth
>>> 51:     if (!conn && process.env.SALESFORCE_ACCESS_TOKEN && process.env.SALESFORCE_INSTANCE_URL) {
    52:       console.log('📌 Using OAuth tokens from environment variables');
    53:       authMethod = 'Environment Variables (Access Token)';

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    39:           oauth2: tokens.refresh_token ? {
    40:             clientId: process.env.SALESFORCE_CLIENT_ID,
>>> 41:             clientSecret: process.env.SALESFORCE_CLIENT_SECRET
    42:           } : undefined,
    43:           version: '59.0'

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    38:           refreshToken: tokens.refresh_token,
    39:           oauth2: tokens.refresh_token ? {
>>> 40:             clientId: process.env.SALESFORCE_CLIENT_ID,
    41:             clientSecret: process.env.SALESFORCE_CLIENT_SECRET
    42:           } : undefined,

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    26:     // Method 1: Check for OAuth tokens file
    27:     const tokensFile = path.join(__dirname, '.oauth-tokens.json');
>>> 28:     const oauthEnvFile = path.join(__dirname, '.env.oauth');
    29: 
    30:     try {

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    15: 
    16: // Load environment variables
>>> 17: dotenv.config({ path: path.join(__dirname, '.env') });
    18: 
    19: console.log('🔐 Testing Salesforce OAuth Connection...\n');

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    100:         arch: this.config.arch,
    101:         nodeVersion: process.version,
>>> 102:         nodeEnv: process.env.NODE_ENV,
    103:         origin: this.config.userAgent,
    104:         // Timestamps

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    385:             clientId: process.env.SALESFORCE_CLIENT_ID,
    386:             privateKeyFile: process.env.SALESFORCE_JWT_KEY,
>>> 387:             loginUrl: process.env.SALESFORCE_LOGIN_URL || 'https://login.salesforce.com'
    388:           }
    389:         });

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    384:           oauth2Options: {
    385:             clientId: process.env.SALESFORCE_CLIENT_ID,
>>> 386:             privateKeyFile: process.env.SALESFORCE_JWT_KEY,
    387:             loginUrl: process.env.SALESFORCE_LOGIN_URL || 'https://login.salesforce.com'
    388:           }

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    383:           username: process.env.SALESFORCE_USERNAME,
    384:           oauth2Options: {
>>> 385:             clientId: process.env.SALESFORCE_CLIENT_ID,
    386:             privateKeyFile: process.env.SALESFORCE_JWT_KEY,
    387:             loginUrl: process.env.SALESFORCE_LOGIN_URL || 'https://login.salesforce.com'

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    381:         console.log('Using JWT authentication');
    382:         const authInfo = await AuthInfo.create({
>>> 383:           username: process.env.SALESFORCE_USERNAME,
    384:           oauth2Options: {
    385:             clientId: process.env.SALESFORCE_CLIENT_ID,

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    378: 
    379:       // Method 4: Use JWT flow for server-to-server auth (if configured)
>>> 380:       if (process.env.SALESFORCE_JWT_KEY && process.env.SALESFORCE_CLIENT_ID && process.env.SALESFORCE_USERNAME) {
    381:         console.log('Using JWT authentication');
    382:         const authInfo = await AuthInfo.create({

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    366:           await conn.login(
    367:             process.env.SALESFORCE_USERNAME,
>>> 368:             process.env.SALESFORCE_PASSWORD
    369:           );
    370: 

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    365:         try {
    366:           await conn.login(
>>> 367:             process.env.SALESFORCE_USERNAME,
    368:             process.env.SALESFORCE_PASSWORD
    369:           );

Decoded base64 content: ��^��+q�%��"��

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: �+a���rب���zѢ��Rǫ"w�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��$j��g)�����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

NPM config access (may contain tokens)

Detected by automated pattern matching (rule DE-008) with medium confidence. May be a false positive.

    177:         run: |
    178:           cd packages/mcp
>>> 179:           echo "//registry.npmjs.org/:_authToken=${{ secrets.NPM_TOKEN }}" > ~/.npmrc
    180:           
    181:           # Determine npm dist-tag

Decoded base64 content: ��^��+q�%��"��

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: �+a���rب���zѢ��Rǫ"w�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ݭ���Zk��n��s]��ֽ�ݼ��t��

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��$j��g)�����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��}շ��qݝo����z׎��_q�7ݶ�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: �+a�����,��

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

NPM config access (may contain tokens)

Detected by automated pattern matching (rule DE-008) with medium confidence. May be a false positive.

    156:         run: |
    157:           cd packages/${{ matrix.package }}
>>> 158:           echo "//registry.npmjs.org/:_authToken=$NPM_TOKEN" > ~/.npmrc
    159:           npm publish --access public
    160:         env:

Decoded base64 content: ��^��+q�%��"��

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: �+a���rب���zѢ��Rǫ"w�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ݭ���Zk��n��s]��ֽ�ݼ��t��

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��}շ��qݝo����z׎��_q�7ݶ�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��$j��g)�����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

NPM config access (may contain tokens)

Detected by automated pattern matching (rule DE-008) with medium confidence. May be a false positive.

    5: 
    6: # never check in npm config
>>> 7: .npmrc
    8: 
    9: # debug logs

Decoded base64 content: J�b�'���ӭ�즊�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: i�b�*'jS뢗��'�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: i�b�*'jS뢗��'�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Node.js child process spawning

Detected by automated pattern matching (rule SC-005) with medium confidence. May be a false positive.

    147:                 process.platform === 'win32' ? 'start' : 'xdg-open';
    148: 
>>> 149:   import('child_process').then(({ exec }) => {
    150:     exec(`${open} "${authUrl.toString()}"`, (err) => {
    151:       if (err) {

Decoded base64 content: r����^��+q�%���������]�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r����^��+q�%���������]�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��^��+q��zW�z��

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��^��'��m��-��%��d

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��^��'��m��-��%��d

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��^��'��m��-��%��d

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Dynamic code execution via exec()

Detected by automated pattern matching (rule SC-003) with medium confidence. May be a false positive.

    148: 
    149:   import('child_process').then(({ exec }) => {
>>> 150:     exec(`${open} "${authUrl.toString()}"`, (err) => {
    151:       if (err) {
    152:         console.log('⚠️  Could not open browser automatically. Please open the URL manually.\n');

Decoded base64 content: J�b�'���ӭ�즊�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Dynamic code execution via exec()

Detected by automated pattern matching (rule SC-003) with medium confidence. May be a false positive.

    64: 
    65:   // This method serves as your tool's callback which takes the input and returns an output.
>>> 66:   // Note that you could also use an async signature like: public async exec(input: InputArgs): Promise<CallToolResult>
    67:   public exec(input: InputArgs): CallToolResult {
    68:     // Example of using the telemetry service

Dynamic code execution via exec()

Detected by automated pattern matching (rule SC-003) with medium confidence. May be a false positive.

    65:   // This method serves as your tool's callback which takes the input and returns an output.
    66:   // Note that you could also use an async signature like: public async exec(input: InputArgs): Promise<CallToolResult>
>>> 67:   public exec(input: InputArgs): CallToolResult {
    68:     // Example of using the telemetry service
    69:     this.telemetryService.sendEvent("sampleEvent", {

Dynamic code execution via exec()

Detected by automated pattern matching (rule SC-003) with medium confidence. May be a false positive.

    37:     let result: CallToolResult;
    38:     beforeEach(() => {
>>> 39:       result = tool.exec({ someInput: "someValue" });
    40:     });
    41: 

Decoded base64 content: ������&��x����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ������&��x����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ������&��x����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r����^��+q�%���������m�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r����^��+q�%���������m�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r����^��+q�%���������^<

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r����^��+q�%���������^y

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Dynamic code execution via exec()

Detected by automated pattern matching (rule SC-003) with medium confidence. May be a false positive.

    35:    * Implements the main callback for the MCP Tool
    36:    */
>>> 37:   public abstract exec(
    38:     ...args: InputArgsShape extends z.ZodRawShape
    39:       ? [

Decoded base64 content: ��^��'��m��-��%��d��Z����-��%

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r����^��+q�%���������m�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r����^��+q�%���������m�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r����^��+q�%���������m�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r����^��+q�%���������m�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r����^��+q�%���������^�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r����^��+q�%���������_7

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r����^��+q�%���������_:

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r����^��+q�%���������^�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Dynamic code execution via exec()

Detected by automated pattern matching (rule SC-003) with medium confidence. May be a false positive.

    36: 
    37: export interface DescribeRuleAction {
>>> 38:     exec(input: DescribeRuleInput): Promise<DescribeRuleOutput>;
    39: }
    40: 

Dynamic code execution via exec()

Detected by automated pattern matching (rule SC-003) with medium confidence. May be a false positive.

    50:     }
    51: 
>>> 52:     public async exec(input: DescribeRuleInput): Promise<DescribeRuleOutput> {
    53:         let analyzer: CodeAnalyzer;
    54:         try {

Decoded base64 content: ������z�¡׀��r��¢w�V����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: x"�����V����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: �X���ޮ�Į�+ �m���

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: M�^��kȸ���ެV����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: zx"�����V����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: x"�����V����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: zx"�����V����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: x"�����V����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: zx"�����V����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: zx"�����V����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: M�^��kȸ���ެV����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: zx"�����V����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Dynamic code execution via exec()

Detected by automated pattern matching (rule SC-003) with medium confidence. May be a false positive.

    42: 
    43: export interface RunAnalyzerAction {
>>> 44:     exec(input: RunInput): Promise<RunOutput>;
    45: }
    46: 

Decoded base64 content: x"�����V����"je

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Dynamic code execution via exec()

Detected by automated pattern matching (rule SC-003) with medium confidence. May be a false positive.

    56:     }
    57: 
>>> 58:     public async exec(input: RunInput): Promise<RunOutput> {
    59:         let analyzer: CodeAnalyzer;
    60:         try {

Decoded base64 content: ������z�¡׀��r��¢w�V����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: x"�����V����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: �X���ޮ�Į�+ �m���

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: M�^��kȸ���ެV����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: �X���ޮ��zW�z��.+-zw�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: F����r���rب��m���

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: zx"�����V����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: x"�����V����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: zx"�����V����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: x"�����V����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: F����r���rب��m���

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: zx"�����V����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: zx"�����V����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: M�^��kȸ���ެV����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: zx"�����V����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��¢jezםZ+a����i׫

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Dynamic code execution via exec()

Detected by automated pattern matching (rule SC-003) with medium confidence. May be a false positive.

    74:     }
    75: 
>>> 76:     public async exec(input: DescribeRuleInput): Promise<CallToolResult> {
    77:         let output: DescribeRuleOutput;
    78:         try {

Dynamic code execution via exec()

Detected by automated pattern matching (rule SC-003) with medium confidence. May be a false positive.

    77:         let output: DescribeRuleOutput;
    78:         try {
>>> 79:             output = await this.action.exec(input);
    80:         } catch (e) {
    81:             output = { status: getErrorMessage(e) };

Decoded base64 content: ������z�¡׀��r��¢w�V����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: x"�����V����"je

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: zx"�����V����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: x"�����V����"je

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: zx"�����V����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Dynamic code execution via exec()

Detected by automated pattern matching (rule SC-003) with medium confidence. May be a false positive.

    79:     }
    80: 
>>> 81:     public async exec(input: RunInput): Promise<CallToolResult> {
    82:         let output: RunOutput;
    83:         try {

Dynamic code execution via exec()

Detected by automated pattern matching (rule SC-003) with medium confidence. May be a false positive.

    83:         try {
    84:             validateInput(input);
>>> 85:             output = await this.action.exec(input);
    86:         } catch (e) {
    87:             output = { status: getErrorMessage(e) };

Decoded base64 content: ������z�¡׀��r��¢w�V����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: x"�����V����"je

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: zx"�����V����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: x"�����V����"je

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ���z�+���jy����r

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Dynamic code execution via exec()

Detected by automated pattern matching (rule SC-003) with medium confidence. May be a false positive.

    56:             });
    57: 
>>> 58:             const output: DescribeRuleOutput = await action.exec(input);
    59:             expect(output.status).toEqual('success');
    60:             expect(output.rule?.name).toEqual('WhileLoopsMustUseBraces');

Dynamic code execution via exec()

Detected by automated pattern matching (rule SC-003) with medium confidence. May be a false positive.

    75:             });
    76: 
>>> 77:             const output: DescribeRuleOutput = await action.exec(input);
    78: 
    79:             expect(output.status).toContain(`No rule with name 'not-a-real-rule' exists in engine 'pmd'.`);

Dynamic code execution via exec()

Detected by automated pattern matching (rule SC-003) with medium confidence. May be a false positive.

    121:         });
    122: 
>>> 123:         const output: DescribeRuleOutput = await action.exec(input);
    124: 
    125:         for (const keyErrorPhrase of keyErrorPhrases) {

Dynamic code execution via exec()

Detected by automated pattern matching (rule SC-003) with medium confidence. May be a false positive.

    144:             });
    145: 
>>> 146:             await action.exec(input);
    147: 
    148:             const telemetryEvents: SendTelemetryEvent[] = telemetryService.sendEventCallHistory;

Decoded base64 content: ���������z�¡׀��r��¢w�V����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��nn�º�h�,�nW��w�V����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: x"�����V����"je

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��nn��x�n�)�i�h�'�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: zx"�����V����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: x"�����V����"je

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: zx"�����V����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: x"�����V����"je

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: zx"�����V����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: x"�����V����"je

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: zx"�����V����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: zx"�����V����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: zx"�����V����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: zx"�����V����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ������&��x����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Dynamic code execution via exec()

Detected by automated pattern matching (rule SC-003) with medium confidence. May be a false positive.

    205:         });
    206: 
>>> 207:         const output: RunOutput = await action.exec(input);
    208: 
    209:         for (const keyStatusPhrase of keyStatusPhrases) {

Dynamic code execution via exec()

Detected by automated pattern matching (rule SC-003) with medium confidence. May be a false positive.

    245:             });
    246: 
>>> 247:             await action.exec(input);
    248: 
    249:             const telemetryEvents: SendTelemetryEvent[] = spyTelemetryService.sendEventCallHistory;

Decoded base64 content: ��nn�º�h�,�nW��w�V����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: x"�����V����"je

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ���������z�¡׀��r��¢w�V����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��nn��x�n�)�i�h�'�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: zx"�����V����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: x"�����V����"je

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: zx"�����V����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: x"�����V����"je

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: zx"�����V����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: zx"�����V����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: x"�����V����"je

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: zx"�����V����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: x"�����V����"je

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: zx"�����V����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: zx"�����V����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: zx"�����V����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: zx"�����V����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: zx"�����V����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: zx"�����V����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ������&��x����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Dynamic code execution via exec()

Detected by automated pattern matching (rule SC-003) with medium confidence. May be a false positive.

    44:             };
    45: 
>>> 46:             const result: CallToolResult = await tool.exec(input);
    47: 
    48:             expect(spyAction.execCallHistory).toHaveLength(1);

Dynamic code execution via exec()

Detected by automated pattern matching (rule SC-003) with medium confidence. May be a false positive.

    62:                 engineName: 'test-engine'
    63:             };
>>> 64:             const result: CallToolResult = await tool.exec(input);
    65: 
    66:             const expectedOutput: DescribeRuleOutput = {

Dynamic code execution via exec()

Detected by automated pattern matching (rule SC-003) with medium confidence. May be a false positive.

    77: class SpyDescribeRuleAction implements DescribeRuleAction {
    78:     public execCallHistory: DescribeRuleInput[] = [];
>>> 79:     public exec(input: DescribeRuleInput): Promise<DescribeRuleOutput> {
    80:         this.execCallHistory.push(input);
    81:         return Promise.resolve({

Dynamic code execution via exec()

Detected by automated pattern matching (rule SC-003) with medium confidence. May be a false positive.

    86: 
    87: class ThrowingDescribeRuleAction implements DescribeRuleAction {
>>> 88:     exec(_input: DescribeRuleInput): Promise<DescribeRuleOutput> {
    89:         throw new Error("Error from ThrowingDescribeRuleAction");
    90:     }

Dynamic code execution via exec()

Detected by automated pattern matching (rule SC-003) with medium confidence. May be a false positive.

    62:             tool = new CodeAnalyzerRunMcpTool(spyAction);
    63: 
>>> 64:             const result: CallToolResult = await tool.exec({target: sampleTargets.slice(0, 5)});
    65: 
    66:             expect(spyAction.execCallHistory).toHaveLength(1);

Dynamic code execution via exec()

Detected by automated pattern matching (rule SC-003) with medium confidence. May be a false positive.

    106:             }
    107:         ])("When invalid input is given ($case), then return error result", async ({args, keyErrorPhrase}) => {
>>> 108:             const result: CallToolResult = await tool.exec(args as RunInput)
    109: 
    110:             expect(result.content).toHaveLength(1);

Dynamic code execution via exec()

Detected by automated pattern matching (rule SC-003) with medium confidence. May be a false positive.

    119:             tool = new CodeAnalyzerRunMcpTool(throwingAction);
    120: 
>>> 121:             const result: CallToolResult = await tool.exec({target: sampleTargets.slice(0, 5)});
    122: 
    123:             const expectedOutput: RunOutput = {

Dynamic code execution via exec()

Detected by automated pattern matching (rule SC-003) with medium confidence. May be a false positive.

    134: class SpyRunAction implements RunAnalyzerAction {
    135:     public execCallHistory: RunInput[] = [];
>>> 136:     public exec(input: RunInput): Promise<RunOutput> {
    137:         this.execCallHistory.push(input);
    138:         return Promise.resolve({

Dynamic code execution via exec()

Detected by automated pattern matching (rule SC-003) with medium confidence. May be a false positive.

    143: 
    144: class ThrowingRunAction implements RunAnalyzerAction {
>>> 145:     exec(_input: RunInput): Promise<RunOutput> {
    146:         throw new Error("Error from ThrowingRunAction");
    147:     }

Decoded base64 content: r����^��+q�%���������n6

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r����^��+q�%���������m�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r����^��+q�%���������m�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Node.js child process spawning

Detected by automated pattern matching (rule SC-005) with medium confidence. May be a false positive.

    1: import path from "path";
>>> 2: import { exec } from "child_process";
    3: 
    4: export interface PushWorkitemBranchChangesParams {

Dynamic code execution via exec()

Detected by automated pattern matching (rule SC-003) with medium confidence. May be a false positive.

    29:   function execPromise(cmd: string, cwd: string): Promise<{ stdout: string; stderr: string }> {
    30:     return new Promise((resolve) => {
>>> 31:       exec(cmd, { cwd }, (err, stdout, stderr) => {
    32:         resolve({ stdout, stderr });
    33:       });

Node.js child process spawning

Detected by automated pattern matching (rule SC-005) with medium confidence. May be a false positive.

    1: import axios from 'axios';
    2: import { getConnection, getRequiredOrgs } from './shared/auth.js';
>>> 3: import { execFileSync } from 'child_process';
    4: import path from 'path';
    5: import fs from 'fs';

Decoded base64 content: ���jX�x �U�bu�^E�h=�a

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ���ը�B-zcڭ��

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ���ը�B-zcڭ��

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ���jX�x �U�bu�^E�h=�a

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Dynamic code execution via exec()

Detected by automated pattern matching (rule SC-003) with medium confidence. May be a false positive.

    55:   }
    56: 
>>> 57:   public async exec(input: InputArgs): Promise<CallToolResult> {
    58:     try {
    59:       const connection = await getConnection(input.username);

Dynamic code execution via exec()

Detected by automated pattern matching (rule SC-003) with medium confidence. May be a false positive.

    80:   }
    81: 
>>> 82:   public async exec(input: InputArgs): Promise<CallToolResult> {
    83:     try {
    84:       const workItem = await fetchWorkItemByName(input.username, input.workItemName);

Dynamic code execution via exec()

Detected by automated pattern matching (rule SC-003) with medium confidence. May be a false positive.

    71:   }
    72: 
>>> 73:   public async exec(input: InputArgs): Promise<CallToolResult> {
    74:     let safeLocalPath: string | undefined = undefined;
    75:     try {

Decoded base64 content: ���jX�x �U�bu�^E�h=�a

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: I�޾�l ����Z��"צ

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ���jX�x �U�bu�^E�h=�a

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: J��q�u�^��"���

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: J��q�u�^��"���

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Dynamic code execution via exec()

Detected by automated pattern matching (rule SC-003) with medium confidence. May be a false positive.

    88:   }
    89: 
>>> 90:   public async exec(input: InputArgs): Promise<CallToolResult> {
    91:     try {
    92:       const safeRepoPath = input.repoPath ? normalizeAndValidateRepoPath(input.repoPath) : undefined;

Decoded base64 content: ���jX�x �U�bu�^E�h=�a

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ���jX�x �U�bu�^E�h=�a

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Dynamic code execution via exec()

Detected by automated pattern matching (rule SC-003) with medium confidence. May be a false positive.

    68:   }
    69: 
>>> 70:   public async exec(input: InputArgs): Promise<CallToolResult> {
    71:     const isMP = await isManagedPackageDevopsOrg(input.username);
    72:     const workItem = isMP 

Decoded base64 content: J��q�u�^��"���

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Dynamic code execution via exec()

Detected by automated pattern matching (rule SC-003) with medium confidence. May be a false positive.

    51:   }
    52: 
>>> 53:   public async exec(input: InputArgs): Promise<CallToolResult> {
    54:     const projects = await fetchProjects(input.username);
    55:     return {

Decoded base64 content: I�޾�l.+->�#y�l

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Dynamic code execution via exec()

Detected by automated pattern matching (rule SC-003) with medium confidence. May be a false positive.

    58:   }
    59: 
>>> 60:   public async exec(input: InputArgs): Promise<CallToolResult> {
    61:     const workItems = await fetchWorkItems(input.username, input.project.Id);
    62:     return {

Dynamic code execution via exec()

Detected by automated pattern matching (rule SC-003) with medium confidence. May be a false positive.

    77:   }
    78: 
>>> 79:   public async exec(input: InputArgs): Promise<CallToolResult> {
    80:     const items = await fetchWorkItemsByNames(input.username, input.workItemNames);
    81:     if (!Array.isArray(items) || items.length === 0) {

Dynamic code execution via exec()

Detected by automated pattern matching (rule SC-003) with medium confidence. May be a false positive.

    67:   }
    68: 
>>> 69:   public async exec(input: InputArgs): Promise<CallToolResult> {
    70:     const isMP = await isManagedPackageDevopsOrg(input.username);
    71:     const workItem = isMP 

NPM config access (may contain tokens)

Detected by automated pattern matching (rule DE-008) with medium confidence. May be a false positive.

    7: 
    8: # never checkin npm config
>>> 9: .npmrc
    10: 
    11: # debug logs

Decoded base64 content: r����^��+q�%���������n6

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r����^��+q�%���������m�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r����^��+q�%���������m�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r����^��+q�%���������m�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r����^��+q�%���������_5

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r����^��+q�%���������^�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r����^��+q�%���������^y

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Dynamic code execution via exec()

Detected by automated pattern matching (rule SC-003) with medium confidence. May be a false positive.

    95:   }
    96: 
>>> 97:   public async exec(input: InputArgs): Promise<CallToolResult> {
    98:     try {
    99:       if (!input.usernameOrAlias)

Decoded base64 content: ��?�'�Ǭ��Ԅ

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: �ǫ���:�%��j��

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: �ǫ���:�%��j��

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: j�"�sޮh��*'I�l

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Dynamic code execution via exec()

Detected by automated pattern matching (rule SC-003) with medium confidence. May be a false positive.

    85:   }
    86: 
>>> 87:   public async exec(input: InputArgs): Promise<CallToolResult> {
    88:     try {
    89:       process.chdir(input.directory);

Decoded base64 content: ��?�'�Ǭ��Ԅ

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: �ǫ���:�%��j��

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: �ǫ���:�%��j��

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: �ǫ���:�%��j��

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ���㫁)ڦ�h��)N�%

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Dynamic code execution via exec()

Detected by automated pattern matching (rule SC-003) with medium confidence. May be a false positive.

    124:   }
    125: 
>>> 126:   public async exec(input: InputArgs): Promise<CallToolResult> {
    127:     try {
    128:       process.chdir(input.directory);

Decoded base64 content: ��?�'�Ǭ��Ԅ

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: �ǫ���:�%��j��

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: �ǫ���:�%��j��

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Dynamic code execution via exec()

Detected by automated pattern matching (rule SC-003) with medium confidence. May be a false positive.

    73:   }
    74: 
>>> 75:   public async exec(input: InputArgs): Promise<CallToolResult> {
    76:     try {
    77:       process.chdir(input.directory);

Decoded base64 content: ��?�'�Ǭ��Ԅ

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: �ǫ���:�%��j��

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: �ǫ���:�%��j��

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Dynamic code execution via exec()

Detected by automated pattern matching (rule SC-003) with medium confidence. May be a false positive.

    124:   }
    125: 
>>> 126:   public async exec(input: InputArgs): Promise<CallToolResult> {
    127:     if (input.apexTests && input.apexTestLevel) {
    128:       return textResponse("You can't specify both `apexTests` and `apexTestLevel` parameters.", true);

Decoded base64 content: ��?�'�Ǭ��Ԅ

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: �ǫ���:�%��j��

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: u�e�#��Z��ڭ��

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: �ǫ���:�%��j��

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: u�e�#��Z��ڭ��

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: u�e�#��Z��ڭ��

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: u�e�#��Z��ڭ��

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: �ǫ���:���w��*'

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��(������r���

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Dynamic code execution via exec()

Detected by automated pattern matching (rule SC-003) with medium confidence. May be a false positive.

    126:   }
    127: 
>>> 128:   public async exec(input: InputArgs): Promise<CallToolResult> {
    129:     try {
    130:       process.chdir(input.directory);

Decoded base64 content: ��?�'�Ǭ��Ԅ

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ���z�޼{�.��*'

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ~)�:�
�K�v�x���&�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ~)�:�
�K�v�x���&�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ���z�޼{�.��*'

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Dynamic code execution via exec()

Detected by automated pattern matching (rule SC-003) with medium confidence. May be a false positive.

    76:   }
    77: 
>>> 78:   public async exec(input: InputArgs): Promise<CallToolResult> {
    79:     try {
    80:       if (!input.usernameOrAlias) {

Decoded base64 content: ��?�'�Ǭ��Ԅ

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: �ǫ���:�%��j��

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: �{��^r��=�ښĜ��

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: �ǫ���:�%��j��

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: �{��^r��=�ښĜ��

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: �{��^r��=�ښĜ��

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: �{��^r��=�ښĜ��

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Dynamic code execution via exec()

Detected by automated pattern matching (rule SC-003) with medium confidence. May be a false positive.

    79:   }
    80: 
>>> 81:   public async exec(input: InputArgs): Promise<CallToolResult> {
    82:     try {
    83:       process.chdir(input.directory);

Decoded base64 content: ��?�'�Ǭ��Ԅ

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Dynamic code execution via exec()

Detected by automated pattern matching (rule SC-003) with medium confidence. May be a false positive.

    65:   }
    66: 
>>> 67:   public async exec(input: InputArgs): Promise<CallToolResult> {
    68:     process.chdir(input.directory);
    69: 

Decoded base64 content: ��?�'�Ǭ��Ԅ

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: �ǫ���:�%��j��

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: �ǫ���:�%��j��

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Dynamic code execution via exec()

Detected by automated pattern matching (rule SC-003) with medium confidence. May be a false positive.

    104:   }
    105: 
>>> 106:   public async exec(input: InputArgs): Promise<CallToolResult> {
    107:     if (!input.jobId) {
    108:       return textResponse('The jobId parameter is required.', true);

Decoded base64 content: ��?�'�Ǭ��Ԅ

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��bu�^I�^��+q�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: �ǫ���:�%��j��

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: �ǫ���:�%��j��

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��bu�^I�^��+q�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: �ǫ���:���w��*'

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Dynamic code execution via exec()

Detected by automated pattern matching (rule SC-003) with medium confidence. May be a false positive.

    95:   }
    96: 
>>> 97:   public async exec(input: InputArgs): Promise<CallToolResult> {
    98:     if (input.sourceDir && input.manifest) {
    99:       return textResponse("You can't specify both `sourceDir` and `manifest` parameters.", true);

Decoded base64 content: ��?�'�Ǭ��Ԅ

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: �ǫ���:�%��j��

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: �ǫ���:�%��j��

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: �ǫ���:���w��*'

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��(������r���

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Dynamic code execution via exec()

Detected by automated pattern matching (rule SC-003) with medium confidence. May be a false positive.

    94:   }
    95: 
>>> 96:   public async exec(input: InputArgs): Promise<CallToolResult> {
    97:     if (!input.usernameOrAlias)
    98:       return textResponse(

Decoded base64 content: ��?�'�Ǭ��Ԅ

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: �ǫ���:�%��j��

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: �ǫ���:�%��j��

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Dynamic code execution via exec()

Detected by automated pattern matching (rule SC-003) with medium confidence. May be a false positive.

    132:   }
    133: 
>>> 134:   public async exec(input: InputArgs): Promise<CallToolResult> {
    135:     if (
    136:       (ensureArray(input.suiteName).length >= 1 ||

Decoded base64 content: ��?�'�Ǭ��Ԅ

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��^�X�����׬���ʗ�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: �ǫ���:�%��j��

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: �ǫ���:�%��j��

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Dynamic code execution via exec()

Detected by automated pattern matching (rule SC-003) with medium confidence. May be a false positive.

    75:   }
    76: 
>>> 77:   public async exec(input: InputArgs): Promise<CallToolResult> {
    78:     try {
    79:       if (!input.usernameOrAlias)

Decoded base64 content: ��?�'�Ǭ��Ԅ

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: �ǫ���:�%��j��

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: �����=�ښĜ��

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: �ǫ���:�%��j��

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: �����=�ښĜ��

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: �����=�ښĜ��

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: �����=�ښĜ��

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r����^��+q�%���������m�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r����^��+q�%���������m�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��^��+q��m�)�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: v�'���wD���r��g�xʗ�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: �(!�x����n)^ �Zn)b�'�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: �(!�x����n)^ �Zn)b�'�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��^��+q��m�)�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��^��+q��m�)�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��^��+q��m�)�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��^��+q��m�)�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��^��+q��m�)�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��^��+q��m�)�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��^��+q��m�)�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��^��+q��m�)�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��^��+q��m�)�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��^��+q��m�)�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��^��+q��m�)�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Node.js child process spawning

Detected by automated pattern matching (rule SC-005) with medium confidence. May be a false positive.

    8:  */
    9: 
>>> 10: import { execSync } from 'child_process';
    11: import * as fs from 'fs';
    12: import * as path from 'path';

Decoded base64 content: v�'���wD���r��g�xʗ�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��^��+q��m�)�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��^��+q��m�)�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: v�'���wD���r��g�xʗ�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Node.js child process spawning

Detected by automated pattern matching (rule SC-005) with medium confidence. May be a false positive.

    17:  */
    18: 
>>> 19: import { execSync } from 'child_process';
    20: import * as fs from 'fs';
    21: import * as path from 'path';

Decoded base64 content: ��?�'�Ǭ��Ԅ

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: v�'���wD���r��g�xʗ�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��^��+q��m�)�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��^��+q��m�)�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��^��+q��m�)�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: v�'���wD���r��g�xʗ�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: v�'���wD���r��g�xʗ�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Dynamic code execution via exec()

Detected by automated pattern matching (rule SC-003) with medium confidence. May be a false positive.

    111:   }
    112: 
>>> 113:   public async exec(_args: InputArgs): Promise<CallToolResult> {
    114:     try {
    115:       const typeDefinitions = await this.readTypeDefinitionFile();

Decoded base64 content: ��?�'�Ǭ��Ԅ

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: 5�b������+rN�%

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��.�ا�7�r���*'

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Dynamic code execution via exec()

Detected by automated pattern matching (rule SC-003) with medium confidence. May be a false positive.

    83:   }
    84: 
>>> 85:   public async exec(args: InputArgs): Promise<CallToolResult> {
    86:     try {
    87:       const analysisResults = await this.analyzeCode(args);

Decoded base64 content: ��?�'�Ǭ��Ԅ

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ^�Шu�'j\���,��O*^

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��N��^��ڶ*'"{-��-���

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��N��^��ڶ*'"{-��-���

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ^�Шu�'j\���,��O*^

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Dynamic code execution via exec()

Detected by automated pattern matching (rule SC-003) with medium confidence. May be a false positive.

    64:   }
    65: 
>>> 66:   public async exec(_args: InputArgs): Promise<CallToolResult> {
    67:     try {
    68:       const reviewInstructions = this.getExpertReviewInstructions();

Decoded base64 content: ��?�'�Ǭ��Ԅ

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ^��^�'�"{-��-���O*^

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ^��^�'�"{-��-���O*^

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��F��a�U���1���

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ^��^�'�"{-��-���O*^

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��F��a�U���1���

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ^��^�'�"{-��-���O*^

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Dynamic code execution via exec()

Detected by automated pattern matching (rule SC-003) with medium confidence. May be a false positive.

    52:     let result: CallToolResult;
    53:     beforeEach(async () => {
>>> 54:       result = await tool.exec({});
    55:     });
    56: 

Dynamic code execution via exec()

Detected by automated pattern matching (rule SC-003) with medium confidence. May be a false positive.

    84:       };
    85: 
>>> 86:       result = await tool.exec({});
    87:     });
    88: 

Decoded base64 content: ��?�'�Ǭ��Ԅ

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: 5�b������+rN�%

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: 5�b������+rN�%

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: 5�b������+rN�%

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: 5�b������+rN�%

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Dynamic code execution via exec()

Detected by automated pattern matching (rule SC-003) with medium confidence. May be a false positive.

    73: 
    74:     beforeEach(async () => {
>>> 75:       result = await tool.exec(validLwcCode);
    76:     });
    77: 

Dynamic code execution via exec()

Detected by automated pattern matching (rule SC-003) with medium confidence. May be a false positive.

    97:     beforeEach(async () => {
    98:       // Simulate an error by passing invalid input
>>> 99:       result = await tool.exec({} as LwcCodeType);
    100:     });
    101: 

Decoded base64 content: ��?�'�Ǭ��Ԅ

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: .(!�x��*&��ޞ�n��^

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r���M:�N?��Zu�Z

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: .(!�x��*&��ޞ�n��^

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r���M:�N?��Zu�Z

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: .(!�x��*&��ޞ�n��^

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r���M:�N?��Zu�Z

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��$j��g)������

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Dynamic code execution via exec()

Detected by automated pattern matching (rule SC-003) with medium confidence. May be a false positive.

    53: 
    54:     beforeEach(async () => {
>>> 55:       result = await tool.exec({});
    56:     });
    57: 

Dynamic code execution via exec()

Detected by automated pattern matching (rule SC-003) with medium confidence. May be a false positive.

    140:       };
    141: 
>>> 142:       result = await tool.exec({});
    143:     });
    144: 

Decoded base64 content: ��?�'�Ǭ��Ԅ

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��F��a�U���1���

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��F��a�U���1���

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: �eN�%E�.�Ԝ��

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: 1�Sz�B�'���m���

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: 1�Sz�B�'���m���

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: �eN�%E�.�Ԝ��

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Keychain access

Detected by automated pattern matching (rule DE-007) with medium confidence. May be a false positive.

    21:  * @param {string} [options.command] - Custom command to execute. Defaults to the value of the `SF_MCP_SERVER_BIN` environment variable or 'sf-mcp-server'.
    22:  * @param {string[]} [options.args] - Arguments to pass to the command. Defaults to `['--orgs', options.orgUsername ?? 'DEFAULT_TARGET_ORG', '--no-telemetry']`.
>>> 23:  * @param {string} [options.orgUsername] - The organization username. Used to avoid keychain errors in testing environments.
    24:  * @returns {StdioClientTransport} An instance of StdioClientTransport configured with the specified options.
    25:  */

Keychain access

Detected by automated pattern matching (rule DE-007) with medium confidence. May be a false positive.

    36:     args: options.args ?? ['--toolsets', 'all','--orgs', options.orgUsername ?? 'DEFAULT_TARGET_ORG', '--no-telemetry'],
    37:     // this is needed because testkit sets it when transferring the hub auth and creating a scratch.
>>> 38:     // Without it you get a keychain error/silent failure because the server will look for orgUsername
    39:     // in the OS keychain but testkit modifies the home dir in the process so all auth is in the test dir.
    40:     env: {

Keychain access

Detected by automated pattern matching (rule DE-007) with medium confidence. May be a false positive.

    37:     // this is needed because testkit sets it when transferring the hub auth and creating a scratch.
    38:     // Without it you get a keychain error/silent failure because the server will look for orgUsername
>>> 39:     // in the OS keychain but testkit modifies the home dir in the process so all auth is in the test dir.
    40:     env: {
    41:       SF_USE_GENERIC_UNIX_KEYCHAIN: 'true'

Keychain access

Detected by automated pattern matching (rule DE-007) with medium confidence. May be a false positive.

    39:     // in the OS keychain but testkit modifies the home dir in the process so all auth is in the test dir.
    40:     env: {
>>> 41:       SF_USE_GENERIC_UNIX_KEYCHAIN: 'true'
    42:     }
    43:   });

Decoded base64 content: J�b�)bz{S��즊�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: J�b�)bz{S��즊�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: J�b�)bz{S��즊�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: J�b�)bz{S��즊�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: J�b�)bz{S��즊�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

NPM config access (may contain tokens)

Detected by automated pattern matching (rule DE-008) with medium confidence. May be a false positive.

    7: 
    8: # never checkin npm config
>>> 9: .npmrc
    10: 
    11: # debug logs

Decoded base64 content: r����^��+q�%���������n;

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r����^��+q�%���������n6

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r����^��+q�%���������m�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r����^��+q�%���������m�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r����^��+q�%���������m�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r����^��+q�%���������m�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r����^��+q�%���������m�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r����^��+q�%���������m�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r����^��+q�%���������n9

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r����^��+q�%���������mu

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r����^��+q�%���������_5

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r����^��+q�%���������^�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r����^��+q�%���������^<

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r����^��+q�%���������^y

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: {⮉�z{I�m�x,

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r�����Ǭ������ǫ�w�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��l����������"��^

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: J�b�'���ӭ�즊�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: J�b�'���ӭ�즊�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: J�b�'���ӭ�즊�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: J�b�'���ӭ�즊�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: J�b�'���ӭ�즊�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: J�b�'���ӭ�즊�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: J�b�'���ӭ�즊�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: J�b�'���ӭ�즊�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Node.js child process spawning

Detected by automated pattern matching (rule SC-005) with medium confidence. May be a false positive.

    4: // This wrapper spawns the actual CLI tool as a subprocess
    5: 
>>> 6: import { spawn } from 'child_process';
    7: import { fileURLToPath } from 'url';
    8: import { dirname, join } from 'path';

Decoded base64 content: ��?�'�Ǭ��Ԅ

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��b�g�i֭k�^�Z2

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��?�'�Ǭ��Ԅ

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��^��+q��zW�z��

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: 1�SzW�z��E�h�׫

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: 1�SzW�z��E�h�׫

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: 1�SzW�z��E�h�׫

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Dynamic code execution via exec()

Detected by automated pattern matching (rule SC-003) with medium confidence. May be a false positive.

    64:   }
    65: 
>>> 66:   public async exec(input: InputArgs): Promise<CallToolResult> {
    67:     if (input.tools.length === 0) {
    68:       return {

Decoded base64 content: ����� bE�z�l

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��?�'�Ǭ��Ԅ

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Dynamic code execution via exec()

Detected by automated pattern matching (rule SC-003) with medium confidence. May be a false positive.

    56:   }
    57: 
>>> 58:   public async exec(): Promise<CallToolResult> {
    59:     return {
    60:       isError: false,

Decoded base64 content: ��?�'�Ǭ��Ԅ

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Dynamic code execution via exec()

Detected by automated pattern matching (rule SC-003) with medium confidence. May be a false positive.

    123:       continue;
    124:     }
>>> 125:     const registeredTool = server.registerTool(tool.getName(), tool.getConfig(), (...args) => tool.exec(...args));
    126:     const toolsets = tool.getToolsets();
    127:     if (useDynamicTools && !toolsets.includes(Toolset.CORE)) {

Decoded base64 content: ��?�'�Ǭ��Ԅ

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r����򝩢q'���Ӣ�l

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r����򝩢q'���Ӣ�l

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ����� bE�z�l

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: J�b�'���ӭ�즊�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ����� bE�z�l

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ����� bE�z�l

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: J�b�'���ӭ�즊�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: i�b�*'jS뢗��'�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: J�b�'���ӭ�즊�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: J�b�'���ӭ�즊�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.8 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (5.0 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.8 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.5 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.5 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    4:       "command": "node",
    5:       "args": [
>>> 6:         "/Users/venkateshmunagala/PycharmProjects/salesforce-mcps/packages/mcp/simple-server.js"
    7:       ],
    8:       "env": {

High-entropy string (4.8 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.5 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.7 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.5 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.8 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.7 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.8 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.7 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.9 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.7 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

JavaScript fetch() call

Detected by automated pattern matching (rule NS-003) with medium confidence. May be a false positive.

    160:     });
    161: 
>>> 162:     const response = await fetch(tokenUrl, {
    163:       method: 'POST',
    164:       headers: { 'Content-Type': 'application/x-www-form-urlencoded' },

JavaScript fetch() call

Detected by automated pattern matching (rule NS-003) with medium confidence. May be a false positive.

    210:     });
    211: 
>>> 212:     const response = await fetch(tokenUrl, {
    213:       method: 'POST',
    214:       headers: { 'Content-Type': 'application/x-www-form-urlencoded' },

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.5 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.8 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.5 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.5 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.9 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.7 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.7 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.8 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.7 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.8 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.9 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    8: ### Features
    9: 
>>> 10: * add devops/ca toolsets W-19616705 ([#230](https://github.com/salesforcecli/mcp/issues/230)) ([08b5356](https://github.com/salesforcecli/mcp/commit/08b5356f8a53ffeaf3462736169e95ba2729c39c))
    11: 
    12: 

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    17: ### Bug Fixes
    18: 
>>> 19: * bump api ([#223](https://github.com/salesforcecli/mcp/issues/223)) ([43b49dd](https://github.com/salesforcecli/mcp/commit/43b49dd158960e37682db931b49d5aaa3d32c2f1))
    20: 
    21: 

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    11:  */
    12: declare module "lightning/mobileCapabilities" {
>>> 13:   export * from "@salesforce/lightning-types/dist/lightning/mobileCapabilities/AppReviewService/appReviewService.js";
    14:   export * from "@salesforce/lightning-types/dist/lightning/mobileCapabilities/ARSpaceCapture/arSpaceCapture.js";
    15:   export * from "@salesforce/lightning-types/dist/lightning/mobileCapabilities/BarcodeScanner/barcodeScanner.js";

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    5: ### Features
    6: 
>>> 7: - **W-19147516:** replace sf-enable-tool with sf-enable-tools ([#128](https://github.com/salesforcecli/mcp/issues/128)) ([5f66de9](https://github.com/salesforcecli/mcp/commit/5f66de944fdb202e34999b81ccc169393e1d1bbf))
    8: 
    9: ## [0.16.1](https://github.com/salesforcecli/mcp/compare/0.16.0...0.16.1) (2025-07-28)

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    11: ### Bug Fixes
    12: 
>>> 13: - **W-19105967:** better descriptions to prevent unneeded sf-list-tool calls ([#121](https://github.com/salesforcecli/mcp/issues/121)) ([863fec9](https://github.com/salesforcecli/mcp/commit/863fec9c667647492a9494ed0a60a8deb338d448))
    14: 
    15: # [0.16.0](https://github.com/salesforcecli/mcp/compare/0.15.4...0.16.0) (2025-07-28)

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    12: declare module "lightning/mobileCapabilities" {
    13:   export * from "@salesforce/lightning-types/dist/lightning/mobileCapabilities/AppReviewService/appReviewService.js";
>>> 14:   export * from "@salesforce/lightning-types/dist/lightning/mobileCapabilities/ARSpaceCapture/arSpaceCapture.js";
    15:   export * from "@salesforce/lightning-types/dist/lightning/mobileCapabilities/BarcodeScanner/barcodeScanner.js";
    16:   export * from "@salesforce/lightning-types/dist/lightning/mobileCapabilities/BiometricsService/biometricsService.js";

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    17: ### Bug Fixes
    18: 
>>> 19: - add sf-suggest-cli-command to core tools ([4657d72](https://github.com/salesforcecli/mcp/commit/4657d720588be0aee68fee84d1dbbe202ed314c6))
    20: - check if index needs to be built when calling getAssets ([efb5c21](https://github.com/salesforcecli/mcp/commit/efb5c21d10a41f95b8775ba45c3f61f352acecd8))
    21: - improve embedding and agent instructions ([f363772](https://github.com/salesforcecli/mcp/commit/f363772548805ccc83259583a4c00d0c3b5ce0b1))

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    18: 
    19: - add sf-suggest-cli-command to core tools ([4657d72](https://github.com/salesforcecli/mcp/commit/4657d720588be0aee68fee84d1dbbe202ed314c6))
>>> 20: - check if index needs to be built when calling getAssets ([efb5c21](https://github.com/salesforcecli/mcp/commit/efb5c21d10a41f95b8775ba45c3f61f352acecd8))
    21: - improve embedding and agent instructions ([f363772](https://github.com/salesforcecli/mcp/commit/f363772548805ccc83259583a4c00d0c3b5ce0b1))
    22: 

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    19: - add sf-suggest-cli-command to core tools ([4657d72](https://github.com/salesforcecli/mcp/commit/4657d720588be0aee68fee84d1dbbe202ed314c6))
    20: - check if index needs to be built when calling getAssets ([efb5c21](https://github.com/salesforcecli/mcp/commit/efb5c21d10a41f95b8775ba45c3f61f352acecd8))
>>> 21: - improve embedding and agent instructions ([f363772](https://github.com/salesforcecli/mcp/commit/f363772548805ccc83259583a4c00d0c3b5ce0b1))
    22: 
    23: ### Features

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    23: ### Features
    24: 
>>> 25: - create weighted embedding text ([30b5ccf](https://github.com/salesforcecli/mcp/commit/30b5ccfa82176f11bccc9efe8a34bba09ccc7fd5))
    26: - **W-18909741:** suggest sf command ([5ca1455](https://github.com/salesforcecli/mcp/commit/5ca1455d394a506017b5b341c64f41ef2f7706b7))
    27: 

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    24: 
    25: - create weighted embedding text ([30b5ccf](https://github.com/salesforcecli/mcp/commit/30b5ccfa82176f11bccc9efe8a34bba09ccc7fd5))
>>> 26: - **W-18909741:** suggest sf command ([5ca1455](https://github.com/salesforcecli/mcp/commit/5ca1455d394a506017b5b341c64f41ef2f7706b7))
    27: 
    28: ## [0.15.4](https://github.com/salesforcecli/mcp/compare/0.15.3...0.15.4) (2025-07-27)

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    30: ### Bug Fixes
    31: 
>>> 32: - **deps:** bump @jsforce/jsforce-node from 3.9.1 to 3.9.4 ([08b58a6](https://github.com/salesforcecli/mcp/commit/08b58a66f64e1eab737ce8eb7b5c1616ed124d71))
    33: 
    34: ## [0.15.3](https://github.com/salesforcecli/mcp/compare/0.15.2...0.15.3) (2025-07-26)

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    36: ### Bug Fixes
    37: 
>>> 38: - **deps:** bump @salesforce/source-deploy-retrieve ([d85e3c0](https://github.com/salesforcecli/mcp/commit/d85e3c0499db0c14c26a5944b1d6066faaf9ffc3))
    39: 
    40: ## [0.15.2](https://github.com/salesforcecli/mcp/compare/0.15.1...0.15.2) (2025-07-26)

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    42: ### Bug Fixes
    43: 
>>> 44: - **deps:** bump zod from 3.25.67 to 3.25.76 ([221c271](https://github.com/salesforcecli/mcp/commit/221c271d3c614992d768475110663d7bd163c867))
    45: 
    46: ## [0.15.1](https://github.com/salesforcecli/mcp/compare/0.15.0...0.15.1) (2025-07-26)

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    48: ### Bug Fixes
    49: 
>>> 50: - **deps:** bump @salesforce/telemetry from 6.0.39 to 6.1.0 ([0244c4a](https://github.com/salesforcecli/mcp/commit/0244c4a09942739bcbc4ba561616894bf5a3f824))
    51: 
    52: # [0.15.0](https://github.com/salesforcecli/mcp/compare/0.14.3...0.15.0) (2025-07-24)

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    54: ### Features
    55: 
>>> 56: - add snapshot tool, add ability to monitor snapshot from resume tools ([50d54f4](https://github.com/salesforcecli/mcp/commit/50d54f4c03cbd6c05100a8352fedf7aec0fff075))
    57: - delete scratch/sandbox ([61fb363](https://github.com/salesforcecli/mcp/commit/61fb363c05836fceb491a9462fc63f37ed3136f3))
    58: 

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    55: 
    56: - add snapshot tool, add ability to monitor snapshot from resume tools ([50d54f4](https://github.com/salesforcecli/mcp/commit/50d54f4c03cbd6c05100a8352fedf7aec0fff075))
>>> 57: - delete scratch/sandbox ([61fb363](https://github.com/salesforcecli/mcp/commit/61fb363c05836fceb491a9462fc63f37ed3136f3))
    58: 
    59: ## [0.14.3](https://github.com/salesforcecli/mcp/compare/0.14.2...0.14.3) (2025-07-22)

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    61: ### Bug Fixes
    62: 
>>> 63: - **deps:** bump form-data from 4.0.0 to 4.0.4 ([70c072e](https://github.com/salesforcecli/mcp/commit/70c072e02d7badf6cd6cfed40f78640a5ccec2f1))
    64: 
    65: ## [0.14.2](https://github.com/salesforcecli/mcp/compare/0.14.1...0.14.2) (2025-07-19)

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    67: ### Bug Fixes
    68: 
>>> 69: - **deps:** bump @salesforce/source-tracking from 7.4.7 to 7.4.8 ([b1d5097](https://github.com/salesforcecli/mcp/commit/b1d50973ee26eab27239ad15a882d44e9b992428))
    70: 
    71: ## [0.14.1](https://github.com/salesforcecli/mcp/compare/0.14.0...0.14.1) (2025-07-19)

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    73: ### Bug Fixes
    74: 
>>> 75: - **deps:** bump @oclif/core from 4.5.0 to 4.5.1 ([3a5c502](https://github.com/salesforcecli/mcp/commit/3a5c5029488cc68d3e5add9c9926118337a1e016))
    76: 
    77: # [0.14.0](https://github.com/salesforcecli/mcp/compare/0.13.2...0.14.0) (2025-07-15)

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    79: ### Features
    80: 
>>> 81: - Add Tooling API support to `sf-query-org` ([#95](https://github.com/salesforcecli/mcp/issues/95)) ([5b010f0](https://github.com/salesforcecli/mcp/commit/5b010f04c739be29eeafe2cf00ed6df2fc87b879))
    82: 
    83: ## [0.13.2](https://github.com/salesforcecli/mcp/compare/0.13.1...0.13.2) (2025-07-13)

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    85: ### Bug Fixes
    86: 
>>> 87: - **deps:** bump @oclif/core from 4.4.1 to 4.5.0 ([6b3195a](https://github.com/salesforcecli/mcp/commit/6b3195a221fd1b56d90fb942bea2b05a31e675ec))
    88: 
    89: ## [0.13.1](https://github.com/salesforcecli/mcp/compare/0.13.0...0.13.1) (2025-07-12)

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    91: ### Bug Fixes
    92: 
>>> 93: - **deps:** bump @modelcontextprotocol/sdk from 1.15.0 to 1.15.1 ([a869afe](https://github.com/salesforcecli/mcp/commit/a869afe7069960883abea18846dfa135c3433250))
    94: 
    95: # [0.13.0](https://github.com/salesforcecli/mcp/compare/0.12.0...0.13.0) (2025-07-08)

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    97: ### Features
    98: 
>>> 99: - sf-org-open ([b41d3bb](https://github.com/salesforcecli/mcp/commit/b41d3bbfce42083a8a018f310862372e1eed15a8))
    100: 
    101: # [0.12.0](https://github.com/salesforcecli/mcp/compare/0.11.4...0.12.0) (2025-07-07)

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    103: ### Bug Fixes
    104: 
>>> 105: - add core tools to cache ([0af8c10](https://github.com/salesforcecli/mcp/commit/0af8c10346298267c7640fde95e8f2c5e337600a))
    106: - add tests and fix bugs ([6fded7c](https://github.com/salesforcecli/mcp/commit/6fded7c01123ff8d48cd47ce8d847ac5be90d3de))
    107: 

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    104: 
    105: - add core tools to cache ([0af8c10](https://github.com/salesforcecli/mcp/commit/0af8c10346298267c7640fde95e8f2c5e337600a))
>>> 106: - add tests and fix bugs ([6fded7c](https://github.com/salesforcecli/mcp/commit/6fded7c01123ff8d48cd47ce8d847ac5be90d3de))
    107: 
    108: ### Features

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    108: ### Features
    109: 
>>> 110: - dynamic toolset discovery ([076512e](https://github.com/salesforcecli/mcp/commit/076512ee00883f174c833cb298530d5f667709fc))
    111: - flat tool discovery ([084ad8f](https://github.com/salesforcecli/mcp/commit/084ad8f70e6d4b6fe6aa99e090e34f7a7a6921dd))
    112: - make Cache thread safe and reorganize ([7e8af99](https://github.com/salesforcecli/mcp/commit/7e8af99417a85d790ed2022b5d47c3239f7f2a34))

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    109: 
    110: - dynamic toolset discovery ([076512e](https://github.com/salesforcecli/mcp/commit/076512ee00883f174c833cb298530d5f667709fc))
>>> 111: - flat tool discovery ([084ad8f](https://github.com/salesforcecli/mcp/commit/084ad8f70e6d4b6fe6aa99e090e34f7a7a6921dd))
    112: - make Cache thread safe and reorganize ([7e8af99](https://github.com/salesforcecli/mcp/commit/7e8af99417a85d790ed2022b5d47c3239f7f2a34))
    113: 

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    335: ### Bug Fixes
    336: 
>>> 337: - permset bugs, readme, more tests ([5207ada](https://github.com/salesforcecli/mcp/commit/5207ada2c6c329f0b447a8d3e0dcba4dd7919c48))
    338: 
    339: ### Features

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    110: - dynamic toolset discovery ([076512e](https://github.com/salesforcecli/mcp/commit/076512ee00883f174c833cb298530d5f667709fc))
    111: - flat tool discovery ([084ad8f](https://github.com/salesforcecli/mcp/commit/084ad8f70e6d4b6fe6aa99e090e34f7a7a6921dd))
>>> 112: - make Cache thread safe and reorganize ([7e8af99](https://github.com/salesforcecli/mcp/commit/7e8af99417a85d790ed2022b5d47c3239f7f2a34))
    113: 
    114: ## [0.11.4](https://github.com/salesforcecli/mcp/compare/0.11.3...0.11.4) (2025-07-06)

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    116: ### Bug Fixes
    117: 
>>> 118: - **deps:** bump @oclif/core from 4.4.0 to 4.4.1 ([44b0b27](https://github.com/salesforcecli/mcp/commit/44b0b277b1f3a24f274c5dbaf05697b24a338f7f))
    119: 
    120: ## [0.11.3](https://github.com/salesforcecli/mcp/compare/0.11.2...0.11.3) (2025-07-05)

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    122: ### Bug Fixes
    123: 
>>> 124: - **deps:** bump @salesforce/source-tracking from 7.4.6 to 7.4.7 ([66740f7](https://github.com/salesforcecli/mcp/commit/66740f745dfb690cfd5a38ddce4a981b87b3ef45))
    125: 
    126: ## [0.11.2](https://github.com/salesforcecli/mcp/compare/0.11.1...0.11.2) (2025-07-05)

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    128: ### Bug Fixes
    129: 
>>> 130: - **deps:** bump @salesforce/apex-node from 8.1.32 to 8.2.1 ([3c40acb](https://github.com/salesforcecli/mcp/commit/3c40acbce956a6d82b568e8f908b05d45ec451af))
    131: 
    132: ## [0.11.1](https://github.com/salesforcecli/mcp/compare/0.11.0...0.11.1) (2025-07-03)

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    134: ### Bug Fixes
    135: 
>>> 136: - thread safe StateAgg ([0b0dc52](https://github.com/salesforcecli/mcp/commit/0b0dc52b60ada207fee7bc2edd8e6ddf4a13f687))
    137: - use thread-safe ConfigAgg.clearInstance ([9970141](https://github.com/salesforcecli/mcp/commit/9970141d52d0472cea963c2beee23d13b00af2c0))
    138: 

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    135: 
    136: - thread safe StateAgg ([0b0dc52](https://github.com/salesforcecli/mcp/commit/0b0dc52b60ada207fee7bc2edd8e6ddf4a13f687))
>>> 137: - use thread-safe ConfigAgg.clearInstance ([9970141](https://github.com/salesforcecli/mcp/commit/9970141d52d0472cea963c2beee23d13b00af2c0))
    138: 
    139: # [0.11.0](https://github.com/salesforcecli/mcp/compare/0.10.2...0.11.0) (2025-07-02)

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    141: ### Features
    142: 
>>> 143: - add rate limiting for tool calls ([e412a70](https://github.com/salesforcecli/mcp/commit/e412a70010253a7a3441902e2be4f5828c481a60))
    144: 
    145: ## [0.10.2](https://github.com/salesforcecli/mcp/compare/0.10.1...0.10.2) (2025-06-29)

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    147: ### Bug Fixes
    148: 
>>> 149: - **deps:** bump @salesforce/agents from 0.15.2 to 0.15.4 ([2b1e732](https://github.com/salesforcecli/mcp/commit/2b1e732db324cc40bb0d6950fd53be5c7d3cc143))
    150: 
    151: ## [0.10.1](https://github.com/salesforcecli/mcp/compare/0.10.0...0.10.1) (2025-06-28)

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    153: ### Bug Fixes
    154: 
>>> 155: - **deps:** bump @salesforce/source-tracking from 7.4.1 to 7.4.6 ([4aa6ea9](https://github.com/salesforcecli/mcp/commit/4aa6ea9493a6c64ae79db736e1e7c1ec75b9f360))
    156: 
    157: # [0.10.0](https://github.com/salesforcecli/mcp/compare/0.9.1...0.10.0) (2025-06-27)

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    159: ### Features
    160: 
>>> 161: - **apex-test:** add async,codecoverage,verbose,resume ([#75](https://github.com/salesforcecli/mcp/issues/75)) ([765f369](https://github.com/salesforcecli/mcp/commit/765f3690b49fe66bc3c680a937da669d94012ea8))
    162: 
    163: ## [0.9.1](https://github.com/salesforcecli/mcp/compare/0.9.0...0.9.1) (2025-06-26)

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    165: ### Bug Fixes
    166: 
>>> 167: - don't finish process if no org is found ([bccd261](https://github.com/salesforcecli/mcp/commit/bccd261b6d649b2e39f676d8da98ec8002767199))
    168: 
    169: # [0.9.0](https://github.com/salesforcecli/mcp/compare/0.8.2...0.9.0) (2025-06-25)

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    13:   export * from "@salesforce/lightning-types/dist/lightning/mobileCapabilities/AppReviewService/appReviewService.js";
    14:   export * from "@salesforce/lightning-types/dist/lightning/mobileCapabilities/ARSpaceCapture/arSpaceCapture.js";
>>> 15:   export * from "@salesforce/lightning-types/dist/lightning/mobileCapabilities/BarcodeScanner/barcodeScanner.js";
    16:   export * from "@salesforce/lightning-types/dist/lightning/mobileCapabilities/BiometricsService/biometricsService.js";
    17:   export * from "@salesforce/lightning-types/dist/lightning/mobileCapabilities/CalendarService/calendarService.js";

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    171: ### Features
    172: 
>>> 173: - add experimental toolset ([69b923e](https://github.com/salesforcecli/mcp/commit/69b923e84970c9c43223bb95d3457451ce87aff4))
    174: 
    175: ## [0.8.2](https://github.com/salesforcecli/mcp/compare/0.8.1...0.8.2) (2025-06-25)

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    177: ### Bug Fixes
    178: 
>>> 179: - properly detect absolute paths ([31da000](https://github.com/salesforcecli/mcp/commit/31da000123490d893674cc9317ce497f986f3c67))
    180: 
    181: ## [0.8.1](https://github.com/salesforcecli/mcp/compare/0.8.0...0.8.1) (2025-06-25)

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    183: ### Bug Fixes
    184: 
>>> 185: - change apex testing tool name ([1f4d760](https://github.com/salesforcecli/mcp/commit/1f4d76032e3dca654c6e9fd13da69318669b11b7))
    186: 
    187: # [0.8.0](https://github.com/salesforcecli/mcp/compare/0.7.0...0.8.0) (2025-06-23)

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    189: ### Features
    190: 
>>> 191: - **W-18542403:** add tool annotations ([#61](https://github.com/salesforcecli/mcp/issues/61)) ([a0f50bc](https://github.com/salesforcecli/mcp/commit/a0f50bc1716dc8b3ca1f92f8204ba0a030e2bbe5))
    192: 
    193: # [0.7.0](https://github.com/salesforcecli/mcp/compare/0.6.3...0.7.0) (2025-06-23)

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    195: ### Features
    196: 
>>> 197: - add apex/agent testing capabilities to MCP ([c87b802](https://github.com/salesforcecli/mcp/commit/c87b802e038494f4a536ab7a3f5a4f242508b26b))
    198: 
    199: ## [0.6.3](https://github.com/salesforcecli/mcp/compare/0.6.2...0.6.3) (2025-06-22)

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    201: ### Bug Fixes
    202: 
>>> 203: - **deps:** bump zod from 3.25.64 to 3.25.67 ([e2e7a42](https://github.com/salesforcecli/mcp/commit/e2e7a42a76972009ef19b95cd7768142180ab4ba))
    204: 
    205: ## [0.6.2](https://github.com/salesforcecli/mcp/compare/0.6.1...0.6.2) (2025-06-22)

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    207: ### Bug Fixes
    208: 
>>> 209: - **deps:** bump @jsforce/jsforce-node from 3.8.2 to 3.9.1 ([378d68e](https://github.com/salesforcecli/mcp/commit/378d68e6d62a3a3c683a6efad4ea36d15e081713))
    210: 
    211: ## [0.6.1](https://github.com/salesforcecli/mcp/compare/0.6.0...0.6.1) (2025-06-21)

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    213: ### Bug Fixes
    214: 
>>> 215: - **deps:** bump @salesforce/source-deploy-retrieve ([e4cc411](https://github.com/salesforcecli/mcp/commit/e4cc411616c12facc9ce54720fc21d6d544406f3))
    216: 
    217: # [0.6.0](https://github.com/salesforcecli/mcp/compare/0.5.0...0.6.0) (2025-06-20)

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    219: ### Bug Fixes
    220: 
>>> 221: - look for 'timed out' in the error message ([62959b6](https://github.com/salesforcecli/mcp/commit/62959b64abf3c10866ee4cc78e1c9028d872f720))
    222: 
    223: ### Features

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    223: ### Features
    224: 
>>> 225: - add a tool for resuming long running operations ([b1a1c87](https://github.com/salesforcecli/mcp/commit/b1a1c879788e7dfaa2c82c82d7fbd00ab0d06819))
    226: 
    227: # [0.5.0](https://github.com/salesforcecli/mcp/compare/0.4.3...0.5.0) (2025-06-16)

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    229: ### Features
    230: 
>>> 231: - **W-18724886:** add logging ([#52](https://github.com/salesforcecli/mcp/issues/52)) ([b5dda36](https://github.com/salesforcecli/mcp/commit/b5dda369fd5cbec252bf4e3d6444fde8bf748344))
    232: 
    233: ## [0.4.3](https://github.com/salesforcecli/mcp/compare/0.4.2...0.4.3) (2025-06-15)

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    235: ### Bug Fixes
    236: 
>>> 237: - **deps:** bump @salesforce/source-deploy-retrieve ([aae43cd](https://github.com/salesforcecli/mcp/commit/aae43cdcb95f85da6556685c71d29ed5411979d4))
    238: 
    239: ## [0.4.2](https://github.com/salesforcecli/mcp/compare/0.4.1...0.4.2) (2025-06-15)

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    14:   export * from "@salesforce/lightning-types/dist/lightning/mobileCapabilities/ARSpaceCapture/arSpaceCapture.js";
    15:   export * from "@salesforce/lightning-types/dist/lightning/mobileCapabilities/BarcodeScanner/barcodeScanner.js";
>>> 16:   export * from "@salesforce/lightning-types/dist/lightning/mobileCapabilities/BiometricsService/biometricsService.js";
    17:   export * from "@salesforce/lightning-types/dist/lightning/mobileCapabilities/CalendarService/calendarService.js";
    18:   export * from "@salesforce/lightning-types/dist/lightning/mobileCapabilities/ContactsService/contactsService.js";

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    241: ### Bug Fixes
    242: 
>>> 243: - **deps:** bump @modelcontextprotocol/sdk from 1.12.1 to 1.12.3 ([f9d75be](https://github.com/salesforcecli/mcp/commit/f9d75be88870a3afe9bd0cfb2a7af1c1b9d55bc4))
    244: 
    245: ## [0.4.1](https://github.com/salesforcecli/mcp/compare/0.4.0...0.4.1) (2025-06-14)

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    247: ### Bug Fixes
    248: 
>>> 249: - **deps:** bump zod from 3.25.42 to 3.25.64 ([483cb7a](https://github.com/salesforcecli/mcp/commit/483cb7a7b0076cb916ab35bf6a645028587c9703))
    250: 
    251: # [0.4.0](https://github.com/salesforcecli/mcp/compare/0.3.0...0.4.0) (2025-06-13)

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    253: ### Features
    254: 
>>> 255: - **W-18699160:** add telemetry ([#50](https://github.com/salesforcecli/mcp/issues/50)) ([1ab6dff](https://github.com/salesforcecli/mcp/commit/1ab6dffc75a9235facf9600ed5dbd8c6c393e359))
    256: 
    257: # [0.3.0](https://github.com/salesforcecli/mcp/compare/0.2.9...0.3.0) (2025-06-09)

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    259: ### Bug Fixes
    260: 
>>> 261: - list all orgs with default W-18717116 ([#41](https://github.com/salesforcecli/mcp/issues/41)) ([13f8d9d](https://github.com/salesforcecli/mcp/commit/13f8d9d240b61e51301fafe7adae2bb5ab714c92))
    262: - report version at startup ([e53277a](https://github.com/salesforcecli/mcp/commit/e53277a01df7f0746b6c7574afe225a4480d9885))
    263: 

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    260: 
    261: - list all orgs with default W-18717116 ([#41](https://github.com/salesforcecli/mcp/issues/41)) ([13f8d9d](https://github.com/salesforcecli/mcp/commit/13f8d9d240b61e51301fafe7adae2bb5ab714c92))
>>> 262: - report version at startup ([e53277a](https://github.com/salesforcecli/mcp/commit/e53277a01df7f0746b6c7574afe225a4480d9885))
    263: 
    264: ### Features

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    264: ### Features
    265: 
>>> 266: - **W-18707407:** use oclif ([#40](https://github.com/salesforcecli/mcp/issues/40)) ([74ff246](https://github.com/salesforcecli/mcp/commit/74ff246c2e51e4ad535cfbbfcb0bc55aa46e3f16))
    267: 
    268: ## [0.2.9](https://github.com/salesforcecli/mcp/compare/0.2.8...0.2.9) (2025-06-07)

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    270: ### Bug Fixes
    271: 
>>> 272: - **deps:** bump @salesforce/source-tracking from 7.3.25 to 7.4.1 ([23963a3](https://github.com/salesforcecli/mcp/commit/23963a3ade374160b2b092d399e1cdc83a5085b9))
    273: 
    274: ## [0.2.8](https://github.com/salesforcecli/mcp/compare/0.2.7...0.2.8) (2025-06-01)

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    276: ### Bug Fixes
    277: 
>>> 278: - **deps:** bump @salesforce/core from 8.11.1 to 8.11.4 ([325c217](https://github.com/salesforcecli/mcp/commit/325c217dd5fb7df1aaa970b4572bed19324e2562))
    279: 
    280: ## [0.2.7](https://github.com/salesforcecli/mcp/compare/0.2.6...0.2.7) (2025-05-31)

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    282: ### Bug Fixes
    283: 
>>> 284: - **deps:** bump @modelcontextprotocol/sdk from 1.12.0 to 1.12.1 ([f1f013d](https://github.com/salesforcecli/mcp/commit/f1f013d795f31e04983d7b6ed129324f769aa877))
    285: 
    286: ## [0.2.6](https://github.com/salesforcecli/mcp/compare/0.2.5...0.2.6) (2025-05-31)

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    288: ### Bug Fixes
    289: 
>>> 290: - **deps:** bump zod from 3.25.28 to 3.25.42 ([84c6d87](https://github.com/salesforcecli/mcp/commit/84c6d87988c5d7674b05c0d24885e5e6a3292160))
    291: 
    292: ## [0.2.5](https://github.com/salesforcecli/mcp/compare/0.2.4...0.2.5) (2025-05-30)

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    294: ### Bug Fixes
    295: 
>>> 296: - clean up the orgs section ([b8f2fa2](https://github.com/salesforcecli/mcp/commit/b8f2fa299bedf6763218ef9fec9222af33e5eff9))
    297: - edits ([8206bb2](https://github.com/salesforcecli/mcp/commit/8206bb27edc73033ffb67516d76f19b3a7e35db9))
    298: - first edit of README ([b80771a](https://github.com/salesforcecli/mcp/commit/b80771ac460e0a697f7ae63856f5bde1a279ace8))

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    15:   export * from "@salesforce/lightning-types/dist/lightning/mobileCapabilities/BarcodeScanner/barcodeScanner.js";
    16:   export * from "@salesforce/lightning-types/dist/lightning/mobileCapabilities/BiometricsService/biometricsService.js";
>>> 17:   export * from "@salesforce/lightning-types/dist/lightning/mobileCapabilities/CalendarService/calendarService.js";
    18:   export * from "@salesforce/lightning-types/dist/lightning/mobileCapabilities/ContactsService/contactsService.js";
    19:   export * from "@salesforce/lightning-types/dist/lightning/mobileCapabilities/DocumentScanner/documentScanner.js";

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    295: 
    296: - clean up the orgs section ([b8f2fa2](https://github.com/salesforcecli/mcp/commit/b8f2fa299bedf6763218ef9fec9222af33e5eff9))
>>> 297: - edits ([8206bb2](https://github.com/salesforcecli/mcp/commit/8206bb27edc73033ffb67516d76f19b3a7e35db9))
    298: - first edit of README ([b80771a](https://github.com/salesforcecli/mcp/commit/b80771ac460e0a697f7ae63856f5bde1a279ace8))
    299: - more editing ([4fa5fc8](https://github.com/salesforcecli/mcp/commit/4fa5fc825bdfc9a551b5417008c86655e4d18eb5))

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    296: - clean up the orgs section ([b8f2fa2](https://github.com/salesforcecli/mcp/commit/b8f2fa299bedf6763218ef9fec9222af33e5eff9))
    297: - edits ([8206bb2](https://github.com/salesforcecli/mcp/commit/8206bb27edc73033ffb67516d76f19b3a7e35db9))
>>> 298: - first edit of README ([b80771a](https://github.com/salesforcecli/mcp/commit/b80771ac460e0a697f7ae63856f5bde1a279ace8))
    299: - more editing ([4fa5fc8](https://github.com/salesforcecli/mcp/commit/4fa5fc825bdfc9a551b5417008c86655e4d18eb5))
    300: - more edits ([7431210](https://github.com/salesforcecli/mcp/commit/7431210646f9fa8b2ab85fb2547a48fd2b3811bb))

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    297: - edits ([8206bb2](https://github.com/salesforcecli/mcp/commit/8206bb27edc73033ffb67516d76f19b3a7e35db9))
    298: - first edit of README ([b80771a](https://github.com/salesforcecli/mcp/commit/b80771ac460e0a697f7ae63856f5bde1a279ace8))
>>> 299: - more editing ([4fa5fc8](https://github.com/salesforcecli/mcp/commit/4fa5fc825bdfc9a551b5417008c86655e4d18eb5))
    300: - more edits ([7431210](https://github.com/salesforcecli/mcp/commit/7431210646f9fa8b2ab85fb2547a48fd2b3811bb))
    301: - remove a tool, add info about Cline ([3eeeef7](https://github.com/salesforcecli/mcp/commit/3eeeef711f76779e1c65b951aaecb304e7673f6c))

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    298: - first edit of README ([b80771a](https://github.com/salesforcecli/mcp/commit/b80771ac460e0a697f7ae63856f5bde1a279ace8))
    299: - more editing ([4fa5fc8](https://github.com/salesforcecli/mcp/commit/4fa5fc825bdfc9a551b5417008c86655e4d18eb5))
>>> 300: - more edits ([7431210](https://github.com/salesforcecli/mcp/commit/7431210646f9fa8b2ab85fb2547a48fd2b3811bb))
    301: - remove a tool, add info about Cline ([3eeeef7](https://github.com/salesforcecli/mcp/commit/3eeeef711f76779e1c65b951aaecb304e7673f6c))
    302: 

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    299: - more editing ([4fa5fc8](https://github.com/salesforcecli/mcp/commit/4fa5fc825bdfc9a551b5417008c86655e4d18eb5))
    300: - more edits ([7431210](https://github.com/salesforcecli/mcp/commit/7431210646f9fa8b2ab85fb2547a48fd2b3811bb))
>>> 301: - remove a tool, add info about Cline ([3eeeef7](https://github.com/salesforcecli/mcp/commit/3eeeef711f76779e1c65b951aaecb304e7673f6c))
    302: 
    303: ## [0.2.4](https://github.com/salesforcecli/mcp/compare/0.2.3...0.2.4) (2025-05-30)

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    305: ### Bug Fixes
    306: 
>>> 307: - trim spaces ([#33](https://github.com/salesforcecli/mcp/issues/33)) ([faec308](https://github.com/salesforcecli/mcp/commit/faec308b31caf9c5a02a84fad345ee73c323905e))
    308: 
    309: ## [0.2.3](https://github.com/salesforcecli/mcp/compare/0.2.2...0.2.3) (2025-05-30)

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    311: ### Bug Fixes
    312: 
>>> 313: - orgs flag ([2550fff](https://github.com/salesforcecli/mcp/commit/2550fff88b82a4bb99e302ae0ce92c5216f71c1b))
    314: 
    315: ## [0.2.2](https://github.com/salesforcecli/mcp/compare/0.2.1...0.2.2) (2025-05-30)

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    317: ### Bug Fixes
    318: 
>>> 319: - remove sf-create-record tool ([#29](https://github.com/salesforcecli/mcp/issues/29)) ([9189053](https://github.com/salesforcecli/mcp/commit/9189053a0837bee28fb12487133b57c923959514))
    320: 
    321: ## [0.2.1](https://github.com/salesforcecli/mcp/compare/0.2.0...0.2.1) (2025-05-29)

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    323: ### Bug Fixes
    324: 
>>> 325: - auth refactor ([d8e9fc1](https://github.com/salesforcecli/mcp/commit/d8e9fc13327df9f9f0f0e4730f120ab6478cce00))
    326: 
    327: # [0.2.0](https://github.com/salesforcecli/mcp/compare/0.1.0...0.2.0) (2025-05-29)

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    329: ### Features
    330: 
>>> 331: - add `sf-deploy/retrieve-metadata` tools W-18573019 ([#25](https://github.com/salesforcecli/mcp/issues/25)) ([db28795](https://github.com/salesforcecli/mcp/commit/db28795981fd80062f6a03cb7b53069754bbeb58))
    332: 
    333: # [0.1.0](https://github.com/salesforcecli/mcp/compare/0.0.9...0.1.0) (2025-05-29)

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    339: ### Features
    340: 
>>> 341: - adds assign permission and suggest username tools ([9470a1d](https://github.com/salesforcecli/mcp/commit/9470a1daf2a3d4a16338dcb196c9abcef86271ce))
    342: - config cache ([bd4fe97](https://github.com/salesforcecli/mcp/commit/bd4fe97d83961fc03f66c5a90f47b14eb672fa05))
    343: - toolsets, directory context, sf-get-username ([a00e332](https://github.com/salesforcecli/mcp/commit/a00e3324490fc59dda619e3a36e6d0118d6beb8f))

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    340: 
    341: - adds assign permission and suggest username tools ([9470a1d](https://github.com/salesforcecli/mcp/commit/9470a1daf2a3d4a16338dcb196c9abcef86271ce))
>>> 342: - config cache ([bd4fe97](https://github.com/salesforcecli/mcp/commit/bd4fe97d83961fc03f66c5a90f47b14eb672fa05))
    343: - toolsets, directory context, sf-get-username ([a00e332](https://github.com/salesforcecli/mcp/commit/a00e3324490fc59dda619e3a36e6d0118d6beb8f))
    344: 

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    341: - adds assign permission and suggest username tools ([9470a1d](https://github.com/salesforcecli/mcp/commit/9470a1daf2a3d4a16338dcb196c9abcef86271ce))
    342: - config cache ([bd4fe97](https://github.com/salesforcecli/mcp/commit/bd4fe97d83961fc03f66c5a90f47b14eb672fa05))
>>> 343: - toolsets, directory context, sf-get-username ([a00e332](https://github.com/salesforcecli/mcp/commit/a00e3324490fc59dda619e3a36e6d0118d6beb8f))
    344: 
    345: ## [0.0.9](https://github.com/salesforcecli/mcp/compare/0.0.8...0.0.9) (2025-05-25)

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    347: ### Bug Fixes
    348: 
>>> 349: - **deps:** bump zod from 3.24.3 to 3.25.28 ([d0c0f2d](https://github.com/salesforcecli/mcp/commit/d0c0f2dd1ca3741bc9306c7eab2f8a5ddd29c9ff))
    350: 
    351: ## [0.0.8](https://github.com/salesforcecli/mcp/compare/0.0.7...0.0.8) (2025-05-24)

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    353: ### Bug Fixes
    354: 
>>> 355: - **deps:** bump @jsforce/jsforce-node from 3.8.1 to 3.8.2 ([4d86942](https://github.com/salesforcecli/mcp/commit/4d86942025aefcb4a4f3f94475bec55c40fd84cb))
    356: 
    357: ## [0.0.7](https://github.com/salesforcecli/mcp/compare/0.0.6...0.0.7) (2025-05-24)

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    359: ### Bug Fixes
    360: 
>>> 361: - **deps:** bump @salesforce/source-deploy-retrieve ([08bb6e6](https://github.com/salesforcecli/mcp/commit/08bb6e6c6264e5301c8e32e7632ecbd07bc022a9))
    362: 
    363: ## [0.0.6](https://github.com/salesforcecli/mcp/compare/0.0.5...0.0.6) (2025-05-17)

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    365: ### Bug Fixes
    366: 
>>> 367: - **deps:** bump @jsforce/jsforce-node from 3.8.0 to 3.8.1 ([22e2eab](https://github.com/salesforcecli/mcp/commit/22e2eabc3a17fec1e2e809c645778acd31643a17))
    368: 
    369: ## [0.0.5](https://github.com/salesforcecli/mcp/compare/0.0.4...0.0.5) (2025-05-02)

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    371: ### Bug Fixes
    372: 
>>> 373: - more tools, org selection, restructuring ([c7bd8d3](https://github.com/salesforcecli/mcp/commit/c7bd8d3eb5ef7c79d4d64dd94fe9d2a391a036fa))
    374: - orgs args ([37a94a0](https://github.com/salesforcecli/mcp/commit/37a94a0c43b96f5ceefc4266440f7dbb952dddeb))
    375: - scripts and server start ([f8c7c86](https://github.com/salesforcecli/mcp/commit/f8c7c86e8f8af9c9aad3f8ba79987ed7e21caaef))

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    372: 
    373: - more tools, org selection, restructuring ([c7bd8d3](https://github.com/salesforcecli/mcp/commit/c7bd8d3eb5ef7c79d4d64dd94fe9d2a391a036fa))
>>> 374: - orgs args ([37a94a0](https://github.com/salesforcecli/mcp/commit/37a94a0c43b96f5ceefc4266440f7dbb952dddeb))
    375: - scripts and server start ([f8c7c86](https://github.com/salesforcecli/mcp/commit/f8c7c86e8f8af9c9aad3f8ba79987ed7e21caaef))
    376: 

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    373: - more tools, org selection, restructuring ([c7bd8d3](https://github.com/salesforcecli/mcp/commit/c7bd8d3eb5ef7c79d4d64dd94fe9d2a391a036fa))
    374: - orgs args ([37a94a0](https://github.com/salesforcecli/mcp/commit/37a94a0c43b96f5ceefc4266440f7dbb952dddeb))
>>> 375: - scripts and server start ([f8c7c86](https://github.com/salesforcecli/mcp/commit/f8c7c86e8f8af9c9aad3f8ba79987ed7e21caaef))
    376: 
    377: ## [0.0.4](https://github.com/salesforcecli/mcp/compare/0.0.3...0.0.4) (2025-04-26)

High-entropy string (4.7 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    379: ### Bug Fixes
    380: 
>>> 381: - **deps:** bump @salesforce/core from 8.9.1 to 8.10.0 ([f460bff](https://github.com/salesforcecli/mcp/commit/f460bff8cba64969ccfa0cf2656cb5140ab05f55))
    382: 
    383: ## [0.0.3](https://github.com/salesforcecli/mcp/compare/0.0.2...0.0.3) (2025-04-25)

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    385: ### Bug Fixes
    386: 
>>> 387: - **deps:** bump micromatch from 4.0.4 to 4.0.8 ([f64a166](https://github.com/salesforcecli/mcp/commit/f64a166b6c6a796da5b9adc9288a7f0474dc26e4))
    388: 
    389: ## [0.0.2](https://github.com/salesforcecli/mcp/compare/0.0.1...0.0.2) (2025-04-25)

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    391: ### Bug Fixes
    392: 
>>> 393: - **deps:** bump braces from 3.0.2 to 3.0.3 ([7648323](https://github.com/salesforcecli/mcp/commit/764832387a22e5b6fbd08a9a0624048674902e5b))
    394: 
    395: ## [0.0.1](https://github.com/salesforcecli/mcp/compare/b72b9dce44b9c97428574a3ce89043e1030c73f9...0.0.1) (2025-04-24)

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    393: - **deps:** bump braces from 3.0.2 to 3.0.3 ([7648323](https://github.com/salesforcecli/mcp/commit/764832387a22e5b6fbd08a9a0624048674902e5b))
    394: 
>>> 395: ## [0.0.1](https://github.com/salesforcecli/mcp/compare/b72b9dce44b9c97428574a3ce89043e1030c73f9...0.0.1) (2025-04-24)
    396: 
    397: ### Bug Fixes

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    397: ### Bug Fixes
    398: 
>>> 399: - commit for release ([b72b9dc](https://github.com/salesforcecli/mcp/commit/b72b9dce44b9c97428574a3ce89043e1030c73f9))

High-entropy string (5.2 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    16:   export * from "@salesforce/lightning-types/dist/lightning/mobileCapabilities/BiometricsService/biometricsService.js";
    17:   export * from "@salesforce/lightning-types/dist/lightning/mobileCapabilities/CalendarService/calendarService.js";
>>> 18:   export * from "@salesforce/lightning-types/dist/lightning/mobileCapabilities/ContactsService/contactsService.js";
    19:   export * from "@salesforce/lightning-types/dist/lightning/mobileCapabilities/DocumentScanner/documentScanner.js";
    20:   export * from "@salesforce/lightning-types/dist/lightning/mobileCapabilities/GeofencingService/geofencingService.js";

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    17:   export * from "@salesforce/lightning-types/dist/lightning/mobileCapabilities/CalendarService/calendarService.js";
    18:   export * from "@salesforce/lightning-types/dist/lightning/mobileCapabilities/ContactsService/contactsService.js";
>>> 19:   export * from "@salesforce/lightning-types/dist/lightning/mobileCapabilities/DocumentScanner/documentScanner.js";
    20:   export * from "@salesforce/lightning-types/dist/lightning/mobileCapabilities/GeofencingService/geofencingService.js";
    21:   export * from "@salesforce/lightning-types/dist/lightning/mobileCapabilities/LocationService/locationService.js";

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    18:   export * from "@salesforce/lightning-types/dist/lightning/mobileCapabilities/ContactsService/contactsService.js";
    19:   export * from "@salesforce/lightning-types/dist/lightning/mobileCapabilities/DocumentScanner/documentScanner.js";
>>> 20:   export * from "@salesforce/lightning-types/dist/lightning/mobileCapabilities/GeofencingService/geofencingService.js";
    21:   export * from "@salesforce/lightning-types/dist/lightning/mobileCapabilities/LocationService/locationService.js";
    22:   export * from "@salesforce/lightning-types/dist/lightning/mobileCapabilities/NfcService/nfcService.js";

High-entropy string (4.7 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    19:   export * from "@salesforce/lightning-types/dist/lightning/mobileCapabilities/DocumentScanner/documentScanner.js";
    20:   export * from "@salesforce/lightning-types/dist/lightning/mobileCapabilities/GeofencingService/geofencingService.js";
>>> 21:   export * from "@salesforce/lightning-types/dist/lightning/mobileCapabilities/LocationService/locationService.js";
    22:   export * from "@salesforce/lightning-types/dist/lightning/mobileCapabilities/NfcService/nfcService.js";
    23:   export * from "@salesforce/lightning-types/dist/lightning/mobileCapabilities/PaymentsService/paymentsService.js";

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    20:   export * from "@salesforce/lightning-types/dist/lightning/mobileCapabilities/GeofencingService/geofencingService.js";
    21:   export * from "@salesforce/lightning-types/dist/lightning/mobileCapabilities/LocationService/locationService.js";
>>> 22:   export * from "@salesforce/lightning-types/dist/lightning/mobileCapabilities/NfcService/nfcService.js";
    23:   export * from "@salesforce/lightning-types/dist/lightning/mobileCapabilities/PaymentsService/paymentsService.js";
    24: }

JavaScript fetch() call

Detected by automated pattern matching (rule NS-003) with medium confidence. May be a false positive.

    81:       });
    82: 
>>> 83:       const response = await fetch(tokenUrl, {
    84:         method: 'POST',
    85:         headers: { 'Content-Type': 'application/x-www-form-urlencoded' },

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    21:   export * from "@salesforce/lightning-types/dist/lightning/mobileCapabilities/LocationService/locationService.js";
    22:   export * from "@salesforce/lightning-types/dist/lightning/mobileCapabilities/NfcService/nfcService.js";
>>> 23:   export * from "@salesforce/lightning-types/dist/lightning/mobileCapabilities/PaymentsService/paymentsService.js";
    24: }

High-entropy string (4.9 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.7 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.9 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

JavaScript fetch() call

Detected by automated pattern matching (rule NS-003) with medium confidence. May be a false positive.

    54:       });
    55: 
>>> 56:       const response = await fetch(tokenUrl, {
    57:         method: 'POST',
    58:         headers: { 'Content-Type': 'application/x-www-form-urlencoded' },

High-entropy string (4.5 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    45:   // Must return the name of your tool.
    46:   // For internal naming guidelines see:
>>> 47:   //  https://confluence.internal.salesforce.com/spaces/DOCTEAM/pages/1166876463/MCP+Server+Terminology+and+Style+Guide
    48:   public getName(): string {
    49:     return "example_tool";

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.9 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    4: ### Features
    5: 
>>> 6: * add devops/ca toolsets W-19616705 ([#230](https://github.com/salesforcecli/mcp/issues/230)) ([08b5356](https://github.com/salesforcecli/mcp/commit/08b5356f8a53ffeaf3462736169e95ba2729c39c))
    7: 
    8: 

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    13: ### Features
    14: 
>>> 15: * add lwc and aura experts toolsets ([#225](https://github.com/salesforcecli/mcp/issues/225)) ([f56c102](https://github.com/salesforcecli/mcp/commit/f56c1024dbd25845ee1216d21bc285a8062b31ed))
    16: 
    17: 

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    25: 
    26: 
>>> 27: # [0.2.0](https://github.com/salesforcecli/mcp/compare/39a8a8af9519529281acb1ee5b49ad4fd3f0229c...mcp-provider-api@0.2.0) (2025-08-28)
    28: 
    29: 

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    30: ### Bug Fixes
    31: 
>>> 32: * **W-19398430:** clean up from initial refactor ([#148](https://github.com/salesforcecli/mcp/issues/148)) ([39a8a8a](https://github.com/salesforcecli/mcp/commit/39a8a8af9519529281acb1ee5b49ad4fd3f0229c))
    33: 
    34: 

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    35: ### Features
    36: 
>>> 37: * **W-19398454:** move dx core tools to separate package ([#155](https://github.com/salesforcecli/mcp/issues/155)) ([36f94bb](https://github.com/salesforcecli/mcp/commit/36f94bb97e0ba4de8aeba700ff947d03eb865bc0))
    38: 
    39: 

High-entropy string (4.7 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (5.0 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    4: ### Features
    5: 
>>> 6: * add `--tools` flag ([#231](https://github.com/salesforcecli/mcp/issues/231)) ([3effd2a](https://github.com/salesforcecli/mcp/commit/3effd2ac5ac72d9e8413a9f9402bb0f35ecb20d2)), closes [#234](https://github.com/salesforcecli/mcp/issues/234)
    7: * add devops/ca toolsets W-19616705 ([#230](https://github.com/salesforcecli/mcp/issues/230)) ([08b5356](https://github.com/salesforcecli/mcp/commit/08b5356f8a53ffeaf3462736169e95ba2729c39c))
    8: