Read-only Salesforce MCP server
sf-intelligence is a Model Context Protocol (MCP) server built for understanding a Salesforce org - impact analysis, dependency tracing, permissions, and documentation - not deploying to it. It is the only free, offline, read-only Salesforce MCP server that answers from your org's real metadata.
What is a Salesforce MCP server?
The Model Context Protocol (MCP) lets AI assistants call tools against external systems. A Salesforce MCP server exposes org-aware tools - schema lookup, dependency analysis, permission tracing - that Claude, Cursor, Codex, or any MCP client can invoke during a conversation.
Most Salesforce MCP servers are built for DevOps tasks: deploy, retrieve, run Apex, execute SOQL. sf-intelligence fills the gap they leave open: read-only org intelligence with explicit provenance on every answer.
How sf-intelligence differs
| Property | sf-intelligence | Typical Salesforce MCP servers |
|---|---|---|
| Write path | None - read-only retrieve only | Often deploy, edit, run Apex/SOQL |
| Default mode | Offline - answers from local vault | Live API calls per question |
| Primary use | Impact analysis, permissions, documentation | DevOps, coding, data queries |
| Data leaves your machine | Never (vault is local) | Varies - often cloud-hosted |
| Cost | Free (MIT + Commons Clause) | Free official tools or paid SaaS |
See a detailed comparison with Salesforce's official DX MCP server on the comparison page.
Works with Claude, Cursor, Codex, and more
Register once via stdio transport. The server resolves the vault from your Salesforce DX repo's working directory.
Claude Code (project-scoped)
claude mcp add --transport stdio --scope project sf-intelligence -- npx -y sf-intelligence mcpClaude Desktop / Cursor / any MCP client
{
"mcpServers": {
"sf-intelligence": {
"type": "stdio",
"command": "npx",
"args": ["-y", "sf-intelligence", "mcp"]
}
}
}Remote read-only HTTP (optional)
For CI or shared read-only access on localhost, sfi serve --http exposes streamable HTTP with bearer-token auth. The live plane is hard-disabled over HTTP - remote callers cannot reach your org. Details in the configuration reference.
171 read-only tools, plain-language routing
You never memorize tool names. Ask questions like:
- "What breaks if I delete the Contact email field?" → impact analysis
- "Why can't this user see this record?" → sharing troubleshooting
- "Where is this Apex class used?" → dependency graph + source grep
- "Generate a data dictionary for this org" → documentation tools
A deterministic router maps each question to the right tools across offline, live, and hybrid planes. Browse the full capability map or tool reference.
Safe for production orgs
Enterprise testers' first question: what does this do to my org? The answer is nothing destructive:
- Only
sf project retrievetouches Salesforce - metadata read, never write - Vault answers make no network calls
- Live plane is off until you grant per-org consent
- No telemetry, no phone-home
Full guarantees on the trust page and in FAQ.
Register in 30 seconds.
Free on npm. One read-only retrieve, then ask anything about your org.