ⓘ | Salesforce | salesforce.resolve_devops_center_deployment_failure | DevOps Center | medium | medium | | SOXCOSOSOC2ISO_27001 | Diagnoses a failed deploy and applies remediation steps; can re-trigger metadata deploys to resolve the failure. |
ⓘ | Salesforce | salesforce.query_code_analyzer_results | Code Analysis | low | high | | | Filters and summarizes a Code Analyzer results JSON file; reads local files only. |
ⓘ | Salesforce | salesforce.promote_devops_center_work_item | DevOps Center | critical | high | ⚠ SoD | SOXCOSOSOC2ISO_27001NIST_CSF | Promotes a work item to the next pipeline stage, which deploys metadata to that environment — applies to UAT or production stages and bypasses additional review when invoked unilaterally. |
ⓘ | Salesforce | salesforce.open_org | Org & Configuration | low | high | | | Opens an authenticated browser session to the org for the operator; no data movement on its own. |
ⓘ | Salesforce | salesforce.list_devops_center_work_items | DevOps Center | low | high | | | Lists work items for a DevOps Center project; reveals in-flight changes. |
ⓘ | Salesforce | salesforce.list_devops_center_projects | DevOps Center | low | high | | | Lists DevOps Center projects in the org; reveals release-pipeline structure but not contents. |
ⓘ | Salesforce | salesforce.list_code_analyzer_rules | Code Analysis | low | high | | | Lists configured Code Analyzer rules; read-only configuration introspection. |
ⓘ | Salesforce | salesforce.list_all_orgs | Org & Configuration | low | high | | | Lists locally-authorized orgs and their connection status; reveals which Salesforce environments the principal has credentials for. |
ⓘ | Salesforce | salesforce.get_username | Org & Configuration | low | high | | | Returns the resolved username or alias for the default org or Dev Hub; reads local CLI configuration only. |
ⓘ | Salesforce | salesforce.enrich_metadata | Metadata & Deploy | low | medium | | | Augments local DX project metadata with additional org context; modifies local files only. |
ⓘ | Salesforce | salesforce.detect_devops_center_merge_conflict | DevOps Center | low | high | | | Inspects branches to identify merge conflicts for a work item; read-only diagnostic. |
ⓘ | Salesforce | salesforce.describe_code_analyzer_rule | Code Analysis | low | high | | | Returns the description of a single Code Analyzer rule; read-only. |
ⓘ | Salesforce | salesforce.deploy_metadata | Metadata & Deploy | critical | high | ⚠ SoD | SOXCOSOSOC2ISO_27001NIST_CSF | Pushes metadata changes (Apex, validation rules, sharing settings, profiles, flows) to a Salesforce org — bypasses change-management gates and can reshape security or financial-reporting logic in production. |
ⓘ | Salesforce | salesforce.delete_org | Org & Configuration | high | high | ⚠ SoD | SOC2ISO_27001 | Permanently deletes a scratch org or sandbox; irreversible loss of any non-replicated test data and dev work in that org. |
ⓘ | Salesforce | salesforce.create_scratch_org | Org & Configuration | medium | high | | SOC2ISO_27001 | Provisions a new scratch org that consumes Dev Hub limits; isolated from production data but counts against entitlements. |
ⓘ | Salesforce | salesforce.create_org_snapshot | Org & Configuration | medium | medium | | GDPRUK_GDPRCCPAPIPEDALGPDAPPIPIPLPOPIASOC2ISO_27001 | Captures a scratch-org snapshot containing org metadata and seed data; snapshot may include test data that resembles PII. |
ⓘ | Salesforce | salesforce.create_devops_center_work_item | DevOps Center | low | high | | SOC2ISO_27001 | Creates a new DevOps Center work item in a project; entry point for tracking a change but no deploy or production effect on its own. |
ⓘ | Salesforce | salesforce.create_devops_center_pull_request | DevOps Center | medium | high | | SOXCOSOSOC2ISO_27001 | Opens a pull request from the work item's feature branch into the integration branch; queues the change for review and downstream promotion. |
ⓘ | Salesforce | salesforce.create_custom_rule | Code Analysis | low | medium | | | Creates a custom XPath-based PMD rule from sample Apex; modifies local rule configuration only. |
ⓘ | Salesforce | salesforce.commit_devops_center_work_item | DevOps Center | medium | high | | SOXCOSOSOC2ISO_27001 | Commits local DX project changes to the work item branch and registers the commit SHA in DevOps Center; advances the change toward a controlled deploy. |
ⓘ | Salesforce | salesforce.checkout_devops_center_work_item | DevOps Center | low | high | | | Switches the local repo to the feature branch tied to a work item; does not change org state. |
ⓘ | Salesforce | salesforce.check_devops_center_commit_status | DevOps Center | low | high | | | Returns the registration status of a previously committed work item; read-only. |
ⓘ | Salesforce | salesforce.assign_permission_set | Identity & Access | critical | high | ⚠ SoD | SOXCOSOSOC2ISO_27001NIST_CSF | Grants a permission set to a user, expanding what the principal can read and write across every object the set covers — bypasses access-review controls. |
ⓘ | Ramp | ramp.process_data | Data Access | low | high | | SOC2 | Stages loaded data into the analysis SQLite database. |
ⓘ | Ramp | ramp.load_vendors | Financial | medium | high | | SOXCOSOSOC2 | Imports the vendor master file. |
ⓘ | Ramp | ramp.load_vendor_bank_accounts | Financial | high | high | ⚠ SoD | SOXCOSOGLBASOC2ISO_27001 | Loads vendor payout banking details; tampering enables payment redirection fraud. |
ⓘ | Ramp | ramp.load_users | Identity & Access | medium | high | | SOC2ISO_27001GDPRUK_GDPRCCPAPIPEDALGPDAPPIPIPLPOPIA | Imports the user roster including employee identifiers and roles. |
ⓘ | Ramp | ramp.load_transactions | Financial | high | high | | SOXCOSOGLBAPCIGDPRUK_GDPRCCPAPIPEDALGPDAPPIPIPLPOPIASOC2ISO_27001 | Pulls corporate card transaction records into the analysis sandbox; financial PII at scale. |
ⓘ | Ramp | ramp.load_spend_programs | Financial | medium | high | | SOXCOSOSOC2 | Imports spend program definitions used to govern card-issuance policy. |
ⓘ | Ramp | ramp.load_spend_limits | Financial | medium | high | | SOXCOSOSOC2 | Imports per-card or per-program spend limits. |
ⓘ | Ramp | ramp.load_reimbursements | Financial | high | high | | SOXCOSOGDPRUK_GDPRCCPAPIPEDALGPDAPPIPIPLPOPIASOC2ISO_27001 | Pulls employee reimbursement records, including amounts and supporting metadata. |
ⓘ | Ramp | ramp.load_locations | Operations | low | high | | | Imports configured business locations. |
ⓘ | Ramp | ramp.load_entities | Operations | low | high | | SOXCOSO | Imports legal-entity definitions used for accounting consolidation. |
ⓘ | Ramp | ramp.load_departments | Operations | low | high | | SOXCOSO | Imports the department list used for cost-center attribution. |
ⓘ | Ramp | ramp.load_bills | Financial | medium | high | | SOXCOSOSOC2ISO_27001 | Imports vendor bills due for payment. |
ⓘ | Ramp | ramp.load_bank_accounts | Financial | high | high | | SOXCOSOGLBASOC2ISO_27001NY_DFS_500 | Loads bank-account configuration including routing/account references. |
ⓘ | Ramp | ramp.get_ramp_categories | Data Access | low | high | | | Returns the canonical Ramp expense-category taxonomy. |
ⓘ | Ramp | ramp.get_currencies | Data Access | low | high | | | Returns supported currencies and ISO codes. |
ⓘ | Ramp | ramp.execute_query | Data Access | high | high | | SOXCOSOGLBAGDPRUK_GDPRCCPAPIPEDALGPDAPPIPIPLPOPIASOC2ISO_27001 | Runs arbitrary SQL over loaded financial records inside the sandbox. |
ⓘ | Ramp | ramp.clear_table | Data Access | low | high | | | Empties the ephemeral analysis SQLite table; no impact on Ramp data. |
ⓘ | PostHog | posthog.update-feature-flag | Feature Flags | high | high | ⚠ SoD | SOC2ISO_27001NIST_CSF | Changes who sees a feature in production; can ship or break experiences without code review. |
ⓘ | PostHog | posthog.survey-update | Operations | medium | high | | GDPRUK_GDPRCCPAPIPEDALGPDAPPIPIPLPOPIA | Edits a live survey; can change consent text or targeting after launch. |
ⓘ | PostHog | posthog.survey-delete | Operations | medium | high | ⚠ SoD | GDPRUK_GDPRCCPAPIPEDALGPDAPPIPIPLPOPIA | Deletes a survey and its responses; may destroy collected feedback. |
ⓘ | PostHog | posthog.survey-create | Operations | medium | high | | GDPRUK_GDPRCCPAPIPEDALGPDAPPIPIPLPOPIA | Publishes a survey targeted to identified users; collects new PII responses. |
ⓘ | PostHog | posthog.scheduled-changes-delete | Feature Flags | medium | high | | SOC2 | Cancels a scheduled flag change; can leave intended rollout undone. |
ⓘ | PostHog | posthog.scheduled-changes-create | Feature Flags | medium | high | ⚠ SoD | SOC2ISO_27001 | Schedules a future flag change without re-review at execution time. |
ⓘ | PostHog | posthog.query-run | Data Access | high | high | | GDPRUK_GDPRCCPAPIPEDALGPDAPPIPIPLPOPIASOC2 | Executes saved or ad-hoc queries that may return identified user data. |
ⓘ | PostHog | posthog.query-logs | Data Access | medium | high | | GDPRUK_GDPRCCPAPIPEDALGPDAPPIPIPLPOPIASOC2ISO_27001 | Searches application logs that can include user identifiers and request payloads. |
ⓘ | PostHog | posthog.query-llm-traces-list | Data Access | medium | medium | | GDPRUK_GDPRCCPAPIPEDALGPDAPPIPIPLPOPIASOC2ISO_27001 | Bulk-lists LLM traces; potential PII exposure depending on prompt content. |
ⓘ | PostHog | posthog.query-llm-trace | Data Access | medium | medium | | GDPRUK_GDPRCCPAPIPEDALGPDAPPIPIPLPOPIASOC2 | Returns LLM trace details including prompts that may contain customer or PII content. |