Phase H Flagship
Chat with your data.
No copilot licence required.
Drop one LWC on any Lightning page. Users type questions in English. FlowMason generates SOQL, runs an 8-gate sanitiser, executes under FLS, and returns rows + a one-sentence answer. No SOQL knowledge required. No data leaves your org.
What you can ask
Type plain English. Get rows + answers. Optional cross-object reasoning when tool-calling is on.
One LWC. Seven placement surfaces.
Drop the same component anywhere admins want to put it. Surface gating is a single CSV kill-switch.
Tab
Standalone Lightning tab
Utility Bar
Always-on dock at the bottom of every page
Global Action
"+" menu in every app + Salesforce Mobile
Agentforce Copilot
Wired as an Apex Action; routes through the same trust boundary
Record Page
Auto-scoped to the current record
Home Page
Standard Lightning home placement
App Page
Custom Lightning App Builder pages
Multi-step reasoning, provider-agnostic.
Tool-calling lets the assistant chain queries for cross-object questions. "Which leads work at the same accounts as my top 5 open opps?" becomes one user turn, three tool calls, one answer. Provider-agnostic. The 4 canonical tools live behind one dispatcher; adding a new tool is one method.
run_soql Execute a single SOQL SELECT. Validated through the 8-gate sanitiser before any row leaves the org.
lookup_metadata Per-object metadata excerpt: triggers, active flows, validation rules, dependency degree, perm-set FLS.
object_relationships Parent lookups + child relationships for one SObject. Drives cross-object SOQL planning.
inventory_search Search the org component inventory by name or type. ApexClass, ApexTrigger, FlowDefinition, ValidationRule, PermissionSet.
Provider tool-call matrix
| Provider | Native tools |
|---|---|
| Anthropic | ✓ |
| OpenAI | ✓ |
| Azure OpenAI | ✓ |
| AWS Bedrock | ✓ |
| Ollama | ✓ |
| EdenAI | — |
| Google Vertex | — |
| Salesforce Models API | — |
Providers without tool support fall back to single-shot automatically. EdenAI / Vertex / Models API still work; the assistant just runs one round-trip per turn instead of iterating.
Validated SOQL. No DML tool. Three fail-closed gates.
Even a successfully prompt-injected LLM cannot exfiltrate data because every SOQL passes the 8-gate sanitiser before any row leaves your org.
8-gate SOQL sanitiser
DML keywords, multi-statement, non-allowlisted objects, LIMIT injection, bind safety. 27+ refusal tests + fuzz cohort.
No DML tool exposed
Assistant has read-only powers via tools. DML still requires the human-confirm modal.
Three fail-closed DML gates
org switch + per-object allowlist + permset. Any one says no, the answer is no.
FLS scrub on prompts
FMPromptGuard removes field references the running user can't see. Kill switch: FLS_PROMPT_GUARD_ENABLED.
PII redaction
FMRedactor value-pattern + key-pattern catalog runs on every prompt + every reply.
Per-user rate limits
60 turns/min/user; 3 DML confirms/min/user. Configurable via FM_Config__mdt.
Discovery nudge gating
Custom permission required to see "want me to introspect <object>?" suggestions. Recon-vector mitigation.
Immutable audit trail
Every confirmed DML lands in FM_Org_Chat_Dml_Audit__c with diff + filter + actor + timestamp.
No data egress
Server-side state lives in Salesforce Platform Cache. Never on the LLM vendor's infrastructure.
Live org introspection.
Two layers. INV-1 reads triggers, flows, and validation rules per turn (capped at 8 KB). INV-2 harvests org component inventory nightly so the assistant can answer questions like "what triggers fire on Lead?" without re-querying Tooling per chat turn.
Per-turn org context
FMOrgIntrospector reads Tooling at request time + threads triggers / active flows / validation rules / dependency degree / perm-set FLS into the LLM prompt for the SObjects in scope.
Component inventory snapshot
FMOrgInventoryHarvester walks ApexClass + ApexTrigger + FlowDefinitionView + ValidationRule + PermissionSet once per day. The assistant searches FM_Org_Inventory_Snapshot__c via the inventory_search tool.
Ready to chat with your org?
10-minute install. Permset-gated. FLS-aware. Switch off any time.