Salesforce Core + Agentforce Integration
How BuildForce monitors and maintains your Salesforce–Agentforce integration health in real time.
Agentforce health problems aren't traditional integration failures — they're operational drift. The most common issues are CopilotActions deployed without SecurityReviewPassed=true (which silently blocks them in production), ServiceAgents whose grounding records are over-permissioned (leaking data across user boundaries), rate-limit misconfiguration on actions that call external APIs, and prompt templates whose Einstein Trust Layer masking rules don't match the data the prompt actually receives. BuildForce reads ServiceAgent, CopilotAction, and GenAiPromptTemplate metadata directly.
The Problem
Agentforce isn't another SaaS connector — it lives inside Salesforce and shares its security model, but its failure modes are new. An action with SecurityReviewPassed=false silently refuses to execute in production. An agent grounded on a report that contains data outside the running user's sharing set leaks across boundaries. A prompt template references a field that Trust Layer should mask, but the masking rule was never added. None of these surface as errors — they surface as wrong answers.
CopilotAction security review gaps
Actions without SecurityReviewPassed=true are blocked silently in production but tested fine in sandbox. BuildForce surfaces every action's security review status in one view.
Grounding source over-permissioning
An agent grounded on a report or knowledge article that contains data outside the running user's sharing boundary will leak in answers. BuildForce flags grounding sources that ignore sharing.
Action rate limit misconfiguration
CopilotActions calling external APIs without RateLimitConfigured=true can exhaust API quotas or hit downstream rate limits. BuildForce validates rate limit configuration per action.
Trust Layer masking coverage
Prompt templates that reference PII fields without a corresponding masking rule will send raw PII to the model. BuildForce maps masking rules against template field references.
How BuildForce Solves It
BuildForce queries ServiceAgent, CopilotAction, GenAiPromptTemplate, and related metadata to validate every active agent has passed security review, that action rate limits are configured, that grounding sources respect sharing, and that Trust Layer masking covers all referenced fields.
Agent inventory and health
Lists every ServiceAgent in the org with status, last invocation, and recent error rate from agent run logs.
CopilotAction security audit
Validates SecurityReviewPassed, AccessLevel, RateLimitConfigured, and ScopeRestricted on every deployed action.
Grounding source sharing audit
Identifies grounding sources (reports, knowledge, Data Cloud DMOs) whose data exceeds running-user sharing.
Trust Layer coverage check
Compares prompt template field references against masking policies and flags PII references missing masking.
See your Salesforce–Agentforce integration health in 10 minutes
Connect your org via OAuth and get an immediate health report — no configuration required.
Book a DemoCommon Questions
Everything you need to know about Salesforce–Agentforce integration monitoring with BuildForce.
Ready to monitor your Salesforce + Agentforce integration?
Join teams who trust BuildForce to keep their integrations healthy and their data accurate.