the system of control · salesforce ai agents
Salesforce now lets AI agents read and write to any org. The agent will inherit whatever its user can reach: every object, every field, every permission, that nobody has probably reviewed in years. Before it acts, you need to know what's actually in there, and what breaks if it gets one thing wrong. We read your org the way the architect who built it would, and hand you the map, with the faults already marked.
objects, automations, and the one cascade that loops back on itself
Admins came and went. Consultants delivered and moved on. A VP automated something on a weekend in 2019. Flows were built, broken, half-fixed, and abandoned. What's left is a system no single person can hold in their head: hundreds of automations, thousands of fields, permissions stacked on permissions.
It held together while humans were the only ones touching it. People hesitate. People ask. People notice when something looks wrong. An agent does none of that. It acts at machine speed, on whatever it can reach.
If you don't know what's in your org, you can't know what an agent is allowed to touch, or what breaks the first time it gets something wrong.
We read your org, design the control layer that governs what an agent can do, and build the systems that enforce it. Every engagement is fixed fee. You own everything we deliver.
Before an agent writes a change back to Salesforce, a deterministic layer checks it against your rules. The agent proposes. The layer decides. If a change doesn't pass, it never reaches a record.
When your board or your auditor asks what the agents are doing, the answer isn't "we trust the AI." It's that nothing the AI does reaches the org until it's verified. That is the answer that survives an audit, and the heart of real agent data security.
one user, fanning out to everything it can reach: the over-privileged paths in red
An agent inherits whatever its user can reach. Our permission audit maps that surface first, every object and field in range, so over-privileged paths get scoped down before the agent is switched on, not after something goes wrong.
every finding graded by how we know it, so you act on what's confirmed and verify the rest
Everyone starts the same way: the X-Ray. From there it's a climb. See if it's safe, make it safe, then keep it safe as the org keeps changing. Every engagement is fixed fee, so you know the cost before you set off.
Already seen a two-minute readiness score? Here's how the X-Ray goes deeper than a scan →
priced for the engagement, not the hourYou're about to put an agent on Salesforce. You need to know whether the org is ready and exactly what the agent would inherit. We read it and grade every finding. Read-only.
Object & field inventory. Automation blast-radius mapping. Permission audit. Data-quality profiling. Cost forecast.
read-only · one week · fixed feeA checklist isn't a fix. We work down the list, then stand up your first agent behind a validation layer that checks every action against your rules before it touches a record.
Findings remediated. First agent deployed. Validation layer live. Human sign-off where it matters.
fixed scopeYour org will keep changing. New fields, new automations, new hands that don't know what the agent depends on. We stay, keeping the agent aligned with the org and catching drift before it reaches it.
Ongoing alignment. Diagnostic scans when something changes. Advisory on what to build next. Builds quoted separately.
monthly, scope-protectedWant to see the road before you take it? Look at a finished diagnostic.
see a sample diagnosticfree tool · agentforce cost
Salesforce lists $2 per conversation. The real number depends on how many actions your org makes the agent take, and that is set by how clean your org is. Put your own numbers in and see the monthly and annual estimate. Free, no signup.
common questions
It comes down to three things: whether you can see every automation an agent might trigger, whether permissions are scoped so the agent only touches what it should, and whether your data is clean enough to act on. Most orgs built over years cannot answer those with confidence. A readiness assessment maps all three before you turn an agent on.
A read-only review of your org that finds what an AI agent would inherit: every object and field, the automations that fire when a record changes, where permissions are over-scoped, and where data quality is weak. You get a map with the risks marked, so you know what to fix before deploying. See our services for how it works.
Three main ones. Over-permission: the agent inherits more access than it needs and can read or change data it should not. Hidden cascades: one agent action triggers a chain of automations that breaks something downstream. Acting on bad data: the agent treats stale or duplicate records as truth. Each is knowable in advance by reading the org first.
Salesforce prices it two ways: Flex Credits at $0.10 per action, or $2 per conversation. Your real cost depends on how many actions each conversation takes, which is driven by how complex your org is. Estimate yours with our free Agentforce cost calculator.
Start by making the org legible: an inventory of what exists, a map of what depends on what, and a list of what is unused or risky. That is the foundation for any cleanup, migration, or agent rollout. It is exactly what a read-only org assessment produces. Start a conversation.
That quiet worry about what the agent might touch is not paranoia. It is the last thing standing between you and go-live. We find it, mark it, and hand you the map. The hard call becomes an easy one.
show me what's in my org