sf-security
sf-security
Implement Salesforce Commerce security across B2C and B2B platforms.
Before Writing Code
Always fetch the latest official documentation BEFORE implementing security controls:
- SLAS Security: WebSearch "Salesforce SLAS OAuth 2.1 security guide 2026" and WebFetch official Commerce API docs
- B2C Commerce Security: WebSearch "Salesforce B2C Commerce security best practices 2026" and WebFetch the security reference
- Salesforce Security Guide: WebSearch "Salesforce security guide OWASP 2026" and WebFetch official documentation
- PCI DSS Requirements: WebSearch "PCI DSS v4 requirements ecommerce 2026" for current compliance standards
Why: OAuth flows, CSRF protection patterns, encoding modes, and PCI requirements evolve. Live docs ensure correct implementation of current security standards.
Conceptual Architecture
Authentication
More from orcaqubits/agentic-commerce-skills-plugins
magento-performance
Optimize Magento 2 performance — full page cache (Varnish), Redis, indexer tuning, JavaScript/CSS optimization, database optimization, and profiling. Use when diagnosing slow pages, optimizing load times, or configuring caching.
4js-modern
Write modern JavaScript and TypeScript — ES6+ features, async/await, modules, destructuring, optional chaining, TypeScript types, and modern tooling. Use when writing JavaScript/TypeScript for BigCommerce themes, apps, or headless storefronts.
4graphql-dev
Write GraphQL queries, mutations, and subscriptions — fragments, code generation, TypedDocumentNode, variables, error handling, and client setup. Use when writing GraphQL code for Saleor.
4node-backend
Build Node.js backends for BigCommerce apps — Express/Fastify servers, OAuth handling, JWT verification, API proxy, webhook processing, session management, and deployment. Use when building the server-side component of BigCommerce apps.
4magento-service-contracts
Implement Magento 2 service contracts — repository interfaces, data interfaces, SearchCriteria, and the repository pattern. Use when building module APIs, data access layers, or integrating with Magento's Web API.
3magento-plugins-interceptors
Implement Magento 2 plugins (interceptors) — before, after, and around methods for modifying class behavior without inheritance. Use when extending core or third-party module functionality.
3