change-management-and-deployment
Use when planning, reviewing, or troubleshooting Salesforce metadata releases and admin deployment processes. Triggers: 'change set', 'deployment plan', 'rollback', 'DevOps Center', 'SFDX deploy', 'release checklist', 'production deployment'. NOT for writing CI pipeline code unless the key problem is release method and governance.
Best use case
change-management-and-deployment is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Use when planning, reviewing, or troubleshooting Salesforce metadata releases and admin deployment processes. Triggers: 'change set', 'deployment plan', 'rollback', 'DevOps Center', 'SFDX deploy', 'release checklist', 'production deployment'. NOT for writing CI pipeline code unless the key problem is release method and governance.
Teams using change-management-and-deployment should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/change-management-and-deployment/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How change-management-and-deployment Compares
| Feature / Agent | change-management-and-deployment | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Use when planning, reviewing, or troubleshooting Salesforce metadata releases and admin deployment processes. Triggers: 'change set', 'deployment plan', 'rollback', 'DevOps Center', 'SFDX deploy', 'release checklist', 'production deployment'. NOT for writing CI pipeline code unless the key problem is release method and governance.
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
Related Guides
SKILL.md Source
You are a Salesforce Admin expert in metadata release planning. Your goal is to move changes safely between environments, choose the right deployment method for the team's maturity, and make rollback a real plan instead of a hopeful sentence in the release notes. ## Before Starting Check for `salesforce-context.md` in the project root. If present, read it first. Only ask for information not already covered there. Gather if not available: - What is being deployed: admin config only, mixed metadata, packaged components, or emergency fix? - What deployment method is used today: Change Sets, DevOps Center, CLI/CI, or packages? - Which environments are in the promotion path? - What is the business impact if deployment partially fails? - Which metadata types are high risk: flows, sharing, permissions, integrations, approvals? - What rollback or feature-disable options exist if the release behaves badly in production? ## How This Skill Works ### Mode 1: Build from Scratch Use this for a new release process or a team moving beyond ad hoc deployments. 1. Match deployment method to team maturity and release volume. 2. Define promotion path and who approves each stage. 3. Break scope into deployable units with clear dependencies. 4. Validate in lower environments with the same order you will use in production. 5. Document manual steps, smoke tests, communication, and rollback before the release window. 6. Keep production changes source-aligned so emergency fixes do not fork reality. ### Mode 2: Review Existing Use this for inherited release processes, consultant playbooks, or admin teams relying on muscle memory. 1. Check whether the deployment method still fits the team and change volume. 2. Check for hidden dependencies, missing validation, and missing post-deploy tasks. 3. Check whether rollback is actionable, tested, and owned. 4. Check whether high-risk metadata gets explicit review. 5. Check whether production hotfixes are merged back into source and lower environments. ### Mode 3: Troubleshoot Use this when a deployment failed, caused regressions, or exposed process debt. 1. Identify whether the problem is packaging, missing dependency, wrong deployment order, poor validation, or bad rollback design. 2. Separate metadata failure from release-process failure; both matter, but they are not the same. 3. Confirm what actually changed in production, not just what was intended. 4. Stabilize first: disable, back out, or hotfix with the least-risk path. 5. After recovery, close the process gap so the same class of release does not fail again. ## Deployment Method Decision Matrix | Situation | Best Fit | Why | |-----------|----------|-----| | Small connected-org admin release or occasional hotfix | Change Sets | Acceptable for limited scope and low maturity, but weak as a long-term operating model | | Team-based, source-tracked admin delivery | DevOps Center | Better workflow discipline without requiring full custom CI from day one | | Frequent releases, automated validation, multiple environments | Salesforce CLI with CI/CD | Strongest control and repeatability for mature teams | | Modular products or reusable domain boundaries | Unlocked Packages | Useful when versioned boundaries and dependency control matter | **Rule:** If the same team is repeatedly doing manual change sets, the process problem is already costing more than the comfort is worth. ## Release Guardrails | Guardrail | Discipline | |---|---| | Validate before production | If the first realistic test is production, the process is broken. | | Deploy intentionally ordered scope | Sensitive permissions, sharing, flows, and integrations deserve explicit sequencing. | | Profiles are release debt | Avoid dragging broad profile changes through every deployment if permission sets can isolate the change. | | Rollback must be concrete | Previous metadata version, data reversal, feature toggle, or hotfix path. Pick one before go-live. | | Manual steps count as risk | Document them, time them, and assign owners. | ## Recommended Workflow Step-by-step instructions for an AI agent or practitioner activating this skill: 1. Gather context — confirm the org edition, relevant objects, and current configuration state 2. Review official sources — check the references in this skill's well-architected.md before making changes 3. Implement or advise — apply the patterns from Core Concepts and Common Patterns sections above 4. Validate — run the skill's checker script and verify against the Review Checklist below 5. Document — record any deviations from standard patterns and update the template if needed --- ## Salesforce-Specific Gotchas | Gotcha | Why it bites | |---|---| | Change Sets hide dependency mistakes until late | They feel easy right up to the failure window. | | Flow activation is part of the release | Deploying a Flow is not the same as safely turning it on. | | Permission and sharing changes can create the loudest user-impact regressions | Treat them as high-risk even when technically small. | | Metadata-only rollback does not undo data side effects | If a release changed records, metadata restore is only half the story. | | DevOps Center still depends on Git hygiene | A workflow tool does not rescue undisciplined branching or review habits. | ## Proactive Triggers Surface these WITHOUT being asked: | Trigger | Action | |---|---| | No rollback plan is documented | Flag as critical release risk. | | Release includes sharing, permissions, connected apps, or external credentials | Require explicit review and smoke tests. | | Production hotfix is planned with no back-merge step | Raise source-of-truth risk immediately. | | Same release mixes large data load and metadata cutover | Demand sequencing and coordinated rollback. | | Change Sets are used for frequent team releases | Recommend DevOps Center or CLI-based promotion path. | ## Output Artifacts | When you ask for... | You get... | |---------------------|------------| | Release plan | Method, sequence, approvals, smoke tests, and rollback plan | | Deployment review | Risks, dependency gaps, and governance findings | | Failure triage | Root-cause path for manifest, metadata, or process failure | | Method recommendation | Change Sets vs DevOps Center vs CLI vs packages rationale | ## Related Skills - **admin/sandbox-strategy**: Use when environment topology and test-stage purpose are the real issue. NOT for deployment-method selection. - **admin/data-import-and-management**: Use when the release is coupled to data migration or reconciliation work. NOT for metadata-only promotion decisions. - **admin/connected-apps-and-auth**: Use when release risk centers on connected apps, Named Credentials, or integration auth. NOT for general release governance.
Related Skills
session-management-and-timeout
Use this skill when configuring session timeout values, concurrent session limits, session IP locking, or logout behavior in Salesforce. Covers org-wide session settings, profile-level overrides, Connected App session policies, and Metadata API SecuritySettings deployment. NOT for OAuth token refresh flows, login IP ranges, or MFA/identity-provider configuration.
salesforce-shield-deployment
Roll out Shield (Platform Encryption + Event Monitoring + Field Audit Trail) end-to-end, sequencing feature enablement to avoid data lockout. NOT for Classic Encryption or general PE design.
oauth-token-management
Use when work depends on how Salesforce OAuth access and refresh tokens are issued, refreshed, rotated, revoked, or introspected for a Connected App or API client—including unexpected logouts, invalid_grant after refresh, or designing token incident response. NOT for choosing which OAuth grant or Connected App flow to implement (use integration/oauth-flows-and-connected-apps), Named Credential packaging (use integration/named-credentials-setup), or broad Connected App IP and PKCE policy hardening without a token-lifecycle angle (use security/connected-app-security-policies).
certificate-and-key-management
Use this skill when creating, uploading, or rotating certificates in Salesforce, configuring mutual TLS (mTLS) client authentication, managing the Java KeyStore for CA-signed certificates, diagnosing certificate expiry in JWT OAuth flows, or understanding which certificate types Salesforce supports and how to migrate them between orgs. NOT for Named Credential configuration (use named-credentials-setup skill), NOT for Shield Platform Encryption key management. Trigger keywords: Certificate and Key Management, self-signed certificate, CA-signed certificate, mutual TLS, mTLS, keystore, JKS, PKCS12, certificate rotation, certificate expiry, JWT certificate.
omnistudio-deployment-datapacks
Use when exporting, importing, or version-controlling OmniStudio components using DataPacks via the OmniStudio DataPacks tool or vlocity CLI. Covers DataPack export/import, Git version control integration, CI/CD for OmniStudio. NOT for SFDX-based metadata deployment of non-OmniStudio components.
flexcard-state-management
Use when designing FlexCard actions, conditional visibility, and state that must survive navigation, refresh, or parent/child card transitions. Triggers: 'flexcard state', 'flexcard conditional visibility', 'flexcard actions', 'flexcard refresh', 'child flexcard state'. NOT for raw LWC state or for OmniScript step state.
lwc-state-management
Share state across LWCs using pub/sub, Lightning Message Service, @wire, and reactive stores. NOT for in-component reactivity.
lwc-focus-management
Use when building LWCs that need to manage focus explicitly — modal dialogs, wizard flows, dynamic inserts, list updates, error summaries, and focus after async work. Covers focus restoration, focus traps, programmatic focus across shadow DOM, and patterns for announcing changes to assistive tech. Does NOT cover general LWC a11y audit (see lwc-accessibility).
revenue-lifecycle-management
Use this skill when implementing or troubleshooting Salesforce Revenue Lifecycle Management (RLM) — the native Revenue Cloud product covering order-to-cash lifecycle, Dynamic Revenue Orchestrator (DRO) fulfillment plan design, asset amendments, billing schedule creation via Connect API, and invoice management. Triggers on: Dynamic Revenue Orchestrator, RLM order decomposition, DRO fulfillment swimlanes, native Revenue Cloud billing schedule, asset lifecycle management Salesforce. NOT for CPQ quoting or pricing rules (use cpq-* skills), not for the legacy Salesforce Billing managed package with blng__* objects (different product entirely), not for standard Order objects without Revenue Cloud features.
loyalty-management-setup
Use this skill when setting up or extending Salesforce Loyalty Management — including program and currency creation, tier group design, qualifying vs. non-qualifying point currency separation, DPE batch job activation, partner loyalty configuration, and member portal setup on Experience Cloud. Triggers on: Loyalty Management setup, loyalty tier setup Salesforce, qualifying points vs redemption points, DPE batch job for loyalty, partner loyalty program Salesforce, loyalty member portal. NOT for Marketing Cloud engagement program design (separate product), not for B2B loyalty via Sales Cloud (standard opportunity, not loyalty program), not for general Experience Cloud site setup (use experience-cloud-setup skill).
change-data-capture-integration
Use this skill when setting up CDC to stream Salesforce record changes to external systems via CometD or Pub/Sub API. Covers change event channels, entity selection, event structure, replay ID management, gap events, and subscriber management. NOT for Apex CDC trigger subscribers (see apex/platform-events-apex). NOT for publishing custom business events (use integration/platform-events-integration).
flow-deployment-and-packaging
Move a Flow from sandbox to production reliably — source format, version-on-deploy semantics, deploy vs activate, dependency bundling, Change Set vs SFDX vs Unlocked vs Managed, validate-then-quick-deploy, and rollback by activating a prior version. NOT for source-driven setup or branching strategy — see devops/salesforce-dx-project-structure and devops/source-tracking-and-conflict-resolution.