AI Code Guardrail · Salesforce / Ops

Apexlint

Your agent wrote Apex at 2am. Who reviewed it?

Buyer & pain

Applied AI Engineer / AI Solutions Architect / Salesforce Platform Lead — AI agents write Apex, Flow JSON, and n8n DSL that compiles and passes unit tests but silently fails in production: SOQL inside a loop hits the 100-query governor at record 101; a hardcoded record ID breaks in every sandbox; an empty catch block swallows the DML exception. The reviewer today is a senior human staring at a screen — or nobody, and the breakage surfaces in prod.

Problem

Standard PR tools (ESLint, PMD, SonarQube) don't understand Salesforce governor limits, Flow node semantics, or n8n execution DSL. There's no deterministic, CI-gateable guardrail between an agent and production that speaks the vocabulary of the ops-code it's reviewing.

Before

Agent ships a trigger. It passes unit tests with 50 records. At record 101 it hits the SOQL governor, the deployment fails in prod, and the on-call engineer is debugging a wall of generic errors without knowing which line caused it.

After

● CRITICAL · AP-001 · Line 4 — SOQL inside a loop. Passes every unit test; dies in prod at row 101 when it hits the 100-query governor. Click the finding. The code scrolls to line 4. The fix expands inline: hoist the query, collect IDs, map the results.

What the 30-second demo proves

  1. Domain-specific failure modes — the AP-001 finding names the exact governor (100 queries) and the exact row it dies on (101). This isn't generic; it's the canonical Salesforce bug.
  2. Deterministic rules, not an LLM call — same input produces byte-identical findings every run. CI-gateable. No data egress. Sub-50ms. Knowing when not to use an LLM is the signal.
  3. Code↔finding bidirectional link — clicking a finding scrolls to the offending line, dims everything else, and expands the fix inline. Clicking the flagged line selects its finding. The interaction is the product identity.
  4. AI governance as an explicit job duty — this is the "final gatekeeper" role three target postings describe verbatim, shipped as a working artifact.

How it works

  1. Three tabs: Apex · Flow · n8n — each pre-loaded with a synthetic sample (agent-generated, bugs planted) and pre-linted on open. No empty first impression.
  2. 16 deterministic rules — 8 Apex rules (SOQL in loop, DML in loop, hardcoded IDs, empty catch, unbulkified handler, …), 4 Flow rules (missing fault path, hardcoded IDs), 4 n8n rules (no error workflow, no retry on HTTP).
  3. Paste your own — replace the sample per tab; the rule engine runs client-side in under 50ms, no spinner.
  4. Public rule repogithub.com/dallascrilley/apexlint-rules: 16 rules + passing/failing fixture pairs per rule. The claim is checkable, not asserted.

Integration surface

Pure client-side TypeScript. No backend, no API keys, no data egress — code never leaves the tab. Apex rules use a comment-strip pre-pass + brace-depth scan + regex. Flow/n8n rules walk the parsed JSON tree. Deploys as a static Cloudflare Pages subpath.

Skills proven

Roles this maps to

Try the live demo → dallascrilley.com