Missing customer verification in Agentforce agent
Why is this an issue?
This rule identifies a security vulnerability: an Agentforce Service Agent that is configured to perform actions without first verifying the identity of the user.
Without an explicit customer verification step, the agent may execute sensitive transactions or reveal private data to unauthorized users. Implementing a verification handshake ensures that the agent only acts upon the data of a correctly identified and authenticated individual.
Examples
Example of incorrect code: The GenAiPlannerBundle defines plugins but omits the required verification template.
<GenAiPlannerBundle xmlns="http://soap.sforce.com/2006/04/metadata">
    <description>Service Agent Planner</description>
    <genAiPlugins>
        <genAiPluginName>Order_Management_Actions</genAiPluginName>
    </genAiPlugins>
    <masterLabel>Service Agent Planner</masterLabel>
    <plannerType>AiCopilot__ReAct</plannerType>
</GenAiPlannerBundle>
Example of correct code: The GenAiPlannerBundle includes the standard Salesforce service verification plugin.
<GenAiPlannerBundle xmlns="http://soap.sforce.com/2006/04/metadata">
    <description>Service Agent Planner</description>
    <genAiPlugins>
        <genAiPluginName>SvcCopilotTmpl__ServiceCustomerVerification</genAiPluginName>
    </genAiPlugins>
    <genAiPlugins>
        <genAiPluginName>Order_Management_Actions</genAiPluginName>
    </genAiPlugins>
    <masterLabel>Service Agent Planner</masterLabel>
    <plannerType>AiCopilot__ReAct</plannerType>
</GenAiPlannerBundle>
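The two bundles above differ only in the presence of the SvcCopilotTmpl__ServiceCustomerVerification plugin. The following added example (not part of the rule description or of any Salesforce or Sonar implementation) shows how such a check can be run over planner-bundle metadata files before deployment: it parses the GenAiPlannerBundle XML in the Salesforce metadata namespace, collects the declared plugin names, and reports a finding when plugins are declared without the verification plugin. The function names and the finding text are assumptions made for this example; the sample bundles are the ones from the rule description, embedded inline.

```python
import xml.etree.ElementTree as ET

METADATA_NS = "http://soap.sforce.com/2006/04/metadata"
BUNDLE_TAG = f"{{{METADATA_NS}}}GenAiPlannerBundle"
VERIFICATION_PLUGIN = "SvcCopilotTmpl__ServiceCustomerVerification"

# Constructed samples: the non-compliant and compliant bundles from the rule text.
MISSING_VERIFICATION = """<GenAiPlannerBundle xmlns="http://soap.sforce.com/2006/04/metadata">
    <description>Service Agent Planner</description>
    <genAiPlugins>
        <genAiPluginName>Order_Management_Actions</genAiPluginName>
    </genAiPlugins>
    <masterLabel>Service Agent Planner</masterLabel>
    <plannerType>AiCopilot__ReAct</plannerType>
</GenAiPlannerBundle>
"""

WITH_VERIFICATION = """<GenAiPlannerBundle xmlns="http://soap.sforce.com/2006/04/metadata">
    <description>Service Agent Planner</description>
    <genAiPlugins>
        <genAiPluginName>SvcCopilotTmpl__ServiceCustomerVerification</genAiPluginName>
    </genAiPlugins>
    <genAiPlugins>
        <genAiPluginName>Order_Management_Actions</genAiPluginName>
    </genAiPlugins>
    <masterLabel>Service Agent Planner</masterLabel>
    <plannerType>AiCopilot__ReAct</plannerType>
</GenAiPlannerBundle>
"""


def plugin_names(bundle_xml: str) -> list[str]:
    """Return the genAiPluginName values declared in a GenAiPlannerBundle, in order."""
    root = ET.fromstring(bundle_xml)
    ns = {"md": METADATA_NS}
    return [
        el.text.strip()
        for el in root.findall("md:genAiPlugins/md:genAiPluginName", ns)
        if el.text and el.text.strip()
    ]


def check_bundle(bundle_xml: str) -> list[str]:
    """Return a list of findings for the bundle; an empty list means compliant.

    Mirrors the rule text: a bundle that declares plugins (i.e. actions the
    agent can take) but does not include the customer-verification plugin is
    reported. A bundle with no plugins at all has nothing to gate, so it is
    not reported here (hypothetical policy choice for this example).
    """
    try:
        root = ET.fromstring(bundle_xml)
    except ET.ParseError as exc:
        return [f"unparseable metadata: {exc}"]
    if root.tag != BUNDLE_TAG:
        return []  # not a planner bundle; the rule does not apply
    names = plugin_names(bundle_xml)
    if not names or VERIFICATION_PLUGIN in names:
        return []
    return [
        f"plugins {names} are enabled without {VERIFICATION_PLUGIN}; "
        "add the Customer Verification topic before exposing these actions"
    ]


if __name__ == "__main__":
    for label, xml in (("missing", MISSING_VERIFICATION), ("with", WITH_VERIFICATION)):
        findings = check_bundle(xml)
        print(label, "->", findings or "compliant")
```

Run as a pre-deploy step over every `*.genAiPlannerBundle` file in the metadata package; a non-empty finding list blocks the deployment until the verification topic is added. The check deliberately ignores anything that is not a GenAiPlannerBundle root so it can be pointed at a whole metadata directory.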
How can I fix violations?
To resolve this violation, add the standard Customer Verification topic to your Agentforce Service Agent.
In Salesforce Setup, navigate to Agents and open the agent flagged by this rule.
In the Agent Builder, click New Topic or browse the available templates.
Add the Customer Verification topic (from the SvcCopilotTmpl template library).
Configure any topics that handle sensitive data or record updates to require verification before they can be activated.
When should I disable this rule?
You may consider dismissing specific instances of this violation or disabling the rule if:
The agent is strictly informational and does not have access to any sensitive data or the ability to perform record updates.
You are using a custom verification framework that does not use the SvcCopilotTmpl namespace (though using the standard template is recommended for Salesforce Service Agents).