Flow-Scanner/lightning-flow-scanner
GitHub
Releases511
Frequency1 day 22 hours
Last Release
Stars171
A CLI plugin, VS Code Extension and GitHub Action for analysis and optimization of Salesforce Flow. Scans metadata for 20+ issues such as hardcoded IDs, unsafe contexts, inefficient DML operations, recursion risks, and more. Supports auto-fixes, rule configurations, and CI/CD integration to help maintain secure and reliable Flow automations.
CVE History
| CVE | Published | CVSS v3 | CVSS v2 |
|---|---|---|---|
| 8.4 HIGH | — | ||
Lightning Flow Scanner provides a A CLI plugin, VS Code Extension and GitHub Action for analysis and optimization of Salesforce Flows. Versions 6.10.5 and below allow a maliciously crafted flow metadata file to cause arbitrary JavaScript execution during scanning. The APIVersion rule uses new Function() to evaluate expression strings, enabling an attacker to supply a malicious expression within rule configuration or crafted flow metadata. This could compromise developer machines, CI runners, or editor environments. This issue is fixed in version 6.10.6. | |||