FAQ-000106 - Agentforce Integration Security / General Integration Security Practices


Current FAQ

Question
How should Agentforce integrations be handled from a security perspective?
Answer
To handle Agentforce integrations securely, follow these guidelines:

1. **Third-Party Services**: Ensure third-party integrations meet AppExchange security standards. Avoid using third-party LLM services like OpenAI or Google; instead, use Agentforce solutions.
2. **User Confirmation**: For custom actions that modify org data or invoke sensitive actions, enable user confirmation to validate the action before execution.
3. **Sensitive Data Storage**: Store sensitive data securely using approved methods like protected custom settings or metadata. Avoid hardcoding sensitive or secret data.
4. **Prompt-Injection Mitigation**: Implement strategies to mitigate vulnerabilities from untrusted input in prompts. Use multiple mitigation techniques when constructing prompts with user-controlled input.
5. **Output Validation**: Treat all content generated by prompt templates or the Agentforce Models API as untrusted. Validate and sanitize outputs, especially if they are used as inputs for other processes or visible to customers.
6. **Documentation**: Classify custom actions in your managed package documentation, specifying the agent type (employee-facing or service agent) and whether the action returns public or private data.

By adhering to these practices, you can ensure secure and compliant integrations with Agentforce.

AI Recommended Enhancement

Related Security Rules

- AvoidHardcodedCredentialsInFieldDecls
- AvoidHardcodedCredentialsInVarAssign
- AvoidHardcodedCredentialsInVarDecls
- AvoidHardcodedCredentialsInHttpHeader
- ApexSuggestUsingNamedCred
- ProtectSensitiveData
- ApexSOQLInjection
- ApexXSSFromURLParam

Question
How should Agentforce integrations be handled from a security perspective?
Recommended Answer Update
To handle Agentforce integrations securely, follow these guidelines:

1. **Third-Party Services**: Ensure third-party integrations meet AppExchange security standards. Avoid using third-party LLM services like OpenAI or Google; instead, use Agentforce solutions.
2. **User Confirmation**: For custom actions that modify org data or invoke sensitive actions, enable user confirmation to validate the action before execution.
3. **Sensitive Data Storage**: Store sensitive data securely using approved methods like protected custom settings or metadata. Avoid hardcoding sensitive or secret data in your code.
4. **Prompt-Injection Mitigation**: Implement strategies to mitigate vulnerabilities from untrusted input in prompts. Use multiple mitigation techniques when constructing prompts with user-controlled input.
5. **Output Validation**: Treat all content generated by prompt templates or the Agentforce Models API as untrusted. Validate and sanitize outputs, especially if they're used as inputs for other processes or visible to customers.
6. **Documentation**: Classify custom actions in your managed package documentation, specifying the agent type (employee-facing or service agent) and whether the action returns public or private data.

By adhering to these practices, you can ensure secure and compliant integrations with Agentforce.
Reasoning
The main improvement made was adding 'in your code' to point 3 for clarity about where hardcoding should be avoided. This makes the guidance more specific and actionable. The selected security rules relate directly to the security practices discussed: AvoidHardcodedCredentialsInFieldDecls, AvoidHardcodedCredentialsInVarAssign, AvoidHardcodedCredentialsInVarDecls, and AvoidHardcodedCredentialsInHttpHeader all relate to point 3 about avoiding hardcoded sensitive data. ApexSuggestUsingNamedCred relates to secure credential management mentioned in point 3. ProtectSensitiveData directly supports the sensitive data storage guidance in point 3. ApexSOQLInjection relates to point 4's discussion of prompt-injection mitigation as both deal with preventing injection attacks from untrusted input. ApexXSSFromURLParam relates to point 5's output validation requirements as both address sanitization of potentially dangerous content that could be used in other processes.
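
One way to apply point 5 (Output Validation) in Apex, covering the two cases the answer names: generated text that feeds another process and generated text shown to customers. This is an added example, not code from this FAQ or from Salesforce; the class name, method names, exception type and allowlist values are hypothetical, and the generated text is assumed to arrive as a plain `String`.

```apex
// Added example: class, method and allowlist values are hypothetical.
public with sharing class GeneratedOutputGuard {
    public class InvalidModelOutputException extends Exception {}

    // Values the downstream process accepts (constructed for illustration).
    private static final Set<String> ALLOWED_PRIORITIES =
        new Set<String>{ 'Low', 'Medium', 'High' };

    // Output that feeds another process: accept only an exact allowlisted value.
    public static String parsePriority(String modelOutput) {
        String candidate = modelOutput == null ? '' : modelOutput.trim();
        if (!ALLOWED_PRIORITIES.contains(candidate)) {
            throw new InvalidModelOutputException('Model returned an unexpected priority');
        }
        return candidate;
    }

    // Output used as a record reference: check shape and object type, then
    // query with a bind variable so the text never becomes part of the SOQL.
    public static Case loadCase(String modelOutput) {
        String candidate = modelOutput == null ? '' : modelOutput.trim();
        if (!Pattern.matches('[a-zA-Z0-9]{15}|[a-zA-Z0-9]{18}', candidate)) {
            throw new InvalidModelOutputException('Model output is not a record Id');
        }
        Id recordId;
        try {
            recordId = Id.valueOf(candidate);
        } catch (Exception e) {
            throw new InvalidModelOutputException('Model output is not a record Id');
        }
        if (recordId.getSobjectType() != Case.SObjectType) {
            throw new InvalidModelOutputException('Model output is not a Case Id');
        }
        List<Case> rows = [SELECT Id, Subject FROM Case WHERE Id = :recordId LIMIT 1];
        return rows.isEmpty() ? null : rows[0];
    }

    // Output shown to a customer: HTML-encode it before it reaches markup.
    public static String forDisplay(String modelOutput) {
        return modelOutput == null ? '' : modelOutput.escapeHtml4();
    }
}
```

Rejecting anything outside the expected shape, rather than trying to clean it, keeps a prompt-injected response from steering the downstream query or markup.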