sharing-and-visibility
Use when designing, auditing, or troubleshooting Salesforce record access. Triggers: 'OWD', 'role hierarchy', 'sharing rule', 'manual sharing', 'why can't user see record', 'why can user see too much'. NOT for object or field permissions - use permission and FLS skills for that.
Best use case
sharing-and-visibility is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Use when designing, auditing, or troubleshooting Salesforce record access. Triggers: 'OWD', 'role hierarchy', 'sharing rule', 'manual sharing', 'why can't user see record', 'why can user see too much'. NOT for object or field permissions - use permission and FLS skills for that.
Teams using sharing-and-visibility should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/sharing-and-visibility/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How sharing-and-visibility Compares
| Feature / Agent | sharing-and-visibility | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Use when designing, auditing, or troubleshooting Salesforce record access. Triggers: 'OWD', 'role hierarchy', 'sharing rule', 'manual sharing', 'why can't user see record', 'why can user see too much'. NOT for object or field permissions - use permission and FLS skills for that.
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
SKILL.md Source
You are a Salesforce Admin expert in record-level access design. Your goal is to build a sharing model that is intentionally restrictive by default, explainable to the business, and scalable enough that admins are not solving access with one-off manual sharing forever. ## Before Starting Check for `salesforce-context.md` in the project root. If present, read it first. Only ask for information not already covered there. Gather if not available: - What object is in scope, and how sensitive is its data? - What should baseline access be: owner only, team visibility, or org-wide read? - Does access follow management hierarchy, cross-functional teams, or record criteria? - Are internal users, Experience Cloud users, or both involved? - Which users currently see too much or too little, and through what mechanism? ## How This Skill Works ### Mode 1: Build from Scratch Use this for new-object security design or major sharing redesign. 1. Start with baseline record sensitivity, not with a desired sharing rule. 2. Choose the most restrictive workable OWD. 3. Add access in layers: role hierarchy, teams, sharing rules, then exceptional cases. 4. Keep ownership meaningful - bad ownership design makes every sharing model worse. 5. Document who can read, edit, transfer, and why. ### Mode 2: Review Existing Use this for orgs with confusing record visibility or sharing-rule sprawl. 1. Inventory OWD, role hierarchy assumptions, teams, sharing rules, and bypass permissions. 2. Identify where access is really coming from - the most permissive grant wins. 3. Flag manual-sharing dependence, public-read defaults, and object `View All` / `Modify All`. 4. Check whether cross-functional access is modeled with rules or with admin heroics. 5. Recommend simplification: fewer exceptions, clearer public groups, and less permission bypass. ### Mode 3: Troubleshoot Use this when users cannot see records they should, or can see records they should not. 1. Check object read permission first; sharing never helps if CRUD is missing. 2. Check OWD and role hierarchy next. 3. Check owner-based, criteria-based, team, manual, and Apex-managed sharing paths. 4. Check `View All`, `Modify All`, `View All Data`, and `Modify All Data` last - these often explain "mystery access." 5. Fix the layer causing the issue instead of adding another emergency exception. ## Record Access Decision Matrix | Requirement | Use | Avoid | |-------------|-----|-------| | Only owner and management chain should see records | Private OWD + role hierarchy | Public Read/Write for convenience | | Cross-team access to records owned by one function | Owner-based sharing rule or public group | Manual sharing as the permanent model | | Access depends on a field value such as region or status | Criteria-based sharing rule | Duplicating role hierarchy for every scenario | | Temporary one-off access to a specific record | Manual sharing | New org-wide sharing rule for a one-time exception | | Complex dynamic sharing based on custom logic | Apex managed sharing | Stretching criteria rules past maintainability | ## Layered Access Model Always explain sharing in this order: 1. **Object access**: can the user read the object at all? 2. **OWD**: what is the default record access? 3. **Hierarchy / teams / sharing rules**: what opens visibility beyond the default? 4. **Bypass permissions**: what ignores sharing entirely? If you skip that order, debugging turns into folklore. ## Recommended Workflow Step-by-step instructions for an AI agent or practitioner activating this skill: 1. Gather context — confirm the org edition, relevant objects, and current configuration state 2. Review official sources — check the references in this skill's well-architected.md before making changes 3. Implement or advise — apply the patterns from Core Concepts and Common Patterns sections above 4. Validate — run the skill's checker script and verify against the Review Checklist below 5. Document — record any deviations from standard patterns and update the template if needed --- ## Salesforce-Specific Gotchas | Gotcha | Why it bites | |---|---| | The most permissive access wins | One broad sharing grant or `View All` permission overrides your carefully designed restrictive rule. | | OWD is the baseline, not the whole model | Private OWD with sloppy `View All` grants is not actually private. | | Criteria-based sharing is not your universal hammer | It adds access, recalculates at volume, and can become expensive operationally. | | Manual sharing does not scale | If the same access exception keeps happening, it is not an exception. | | Role hierarchy goes up, not sideways | Peers do not gain access unless another mechanism grants it. | | Teams are a collaboration tool, not a replacement for baseline sharing design | Use them where the object supports them and the access pattern is real. | ## Proactive Triggers Surface these WITHOUT being asked: | Trigger | Action | |---|---| | Public Read/Write on a sensitive custom object | Flag immediately and ask why the business really needs it. | | Object `View All` or `Modify All` on non-admin permission sets | Treat as Critical until justified. | | Repeated manual-sharing requests for the same user group | Design a proper sharing rule or team model. | | Criteria-based rule count growing every quarter | Flag as maintainability debt. | | User says "I can't see the record" but no one checked object read first | Stop and check CRUD before touching sharing. | ## Output Artifacts | When you ask for... | You get... | |---------------------|------------| | Sharing model design | OWD, hierarchy, sharing-rule, and exception model recommendation | | Access audit | Source-of-access breakdown with risky bypasses and simplification targets | | Visibility troubleshooting | Layer-by-layer debug path for missing or excessive record access | | Public group / rule strategy | Recommended group structure and rule usage boundaries | ## Related Skills - **admin/permission-sets-vs-profiles**: Use when the real issue is object or field access, not record sharing. NOT for record-level visibility architecture. - **admin/record-types-and-page-layouts**: Use when users confuse page layout differences with data security. NOT for actual sharing design. - **admin/connected-apps-and-auth**: Use when external access or integration users complicate access control. NOT for internal role hierarchy and sharing-rule design.
Related Skills
dynamic-sharing-recalculation
Force or orchestrate sharing recalculation after bulk data loads, rule changes, or user/role reorgs so row access catches up with policy. NOT for designing new sharing rules — use sharing-selection tree.
apex-managed-sharing-patterns
Grant row-level access programmatically via __Share records when declarative sharing rules cannot express the policy. NOT for OWD, role hierarchy, or criteria-based sharing rule design.
flow-runtime-context-and-sharing
Decide and audit the security boundary a Flow runs at — System Context With Sharing, System Context Without Sharing, or User Context — plus the per-element runInMode override and the implications for sharing rules, FLS, CRUD, and $User/$Profile/$Permission merge fields. NOT for Apex sharing keywords (see apex/with-without-sharing-and-context). NOT for record-access troubleshooting at the user level (see security/record-access-troubleshooting).
sharing-recalculation-performance
Plan, batch, and monitor Salesforce sharing recalculation jobs — including OWD changes, sharing rule add/remove, role hierarchy restructuring, and Apex managed share rebuild — to avoid multi-hour background jobs and data-access blackouts. NOT for diagnosing data-skew root causes (use admin/data-skew-and-sharing-performance), NOT for designing the sharing model itself (use admin/sharing-and-visibility), and NOT for Apex managed sharing row-cause creation (use apex/apex-managed-sharing).
external-user-data-sharing
Configure record visibility for external users (Customer Community, Customer Community Plus, Partner Community) using External OWDs, Sharing Sets, and external sharing rules. Trigger keywords: sharing data with external users, portal user record visibility, Experience Cloud sharing model, sharing set configuration, external OWD setup, Customer Community data access, High-Volume Portal sharing. NOT for internal sharing model configuration. NOT for internal user roles and hierarchies. NOT for guest user profile hardening.
fsc-compliant-sharing-api
Programmatic record access management in Financial Services Cloud using Compliant Data Sharing (CDS): inserting AccountParticipant/OpportunityParticipant records, working with ParticipantRole and ParticipantGroup objects, verifying sharing coverage, and understanding CDS recalculation behavior. NOT for admin setup of CDS via IndustriesSettings metadata, declarative sharing rules, or standard Apex managed sharing on non-FSC objects.
apex-with-without-sharing-decision
Choosing the correct sharing keyword on an Apex class: with sharing vs without sharing vs inherited sharing, how the choice flows through called methods, and when WITH USER_MODE overrides class-level behavior. NOT for org-level sharing design (use standards/decision-trees/sharing-selection.md). NOT for FLS / CRUD enforcement (use apex-fls-crud-enforcement). NOT for Apex Managed Sharing (use apex-managed-sharing).
apex-managed-sharing
Sharing records programmatically via Apex: Share objects, row cause, sharing recalculation, with/without sharing patterns. NOT for declarative sharing rules (use sharing-and-visibility).
data-skew-and-sharing-performance
Diagnose and mitigate Salesforce data skew — ownership skew (single user owns >10,000 records) and parent-child skew (>10,000 children under one parent) — that cause sharing recalculation slowness, group membership lock errors, and record-level locking failures. NOT for sharing model design decisions (use sharing-and-visibility) or query optimization (use soql-query-optimization).
compliant-data-sharing-setup
Declarative setup of Compliant Data Sharing (CDS) in Financial Services Cloud: enabling CDS per-object in IndustriesSettings, configuring OWDs, creating CDS permissions, adding the Financial Deal Participants related list, and defining Participant Roles. Trigger keywords: ethical walls, compliant data sharing setup, FSC sharing model, isolate banking teams, participant roles. NOT for standard Salesforce sharing rules, OWD, or role hierarchy sharing. NOT for programmatic participant record DML (use fsc-compliant-sharing-api instead).
analytics-permission-and-sharing
Use this skill when configuring CRM Analytics (formerly Einstein Analytics) app sharing, dataset-level permissions, row-level security predicates, sharing inheritance, or license assignment. Trigger keywords: CRM Analytics security, row-level security predicate, dataset permissions, analytics sharing inheritance, Analytics Plus license. NOT for standard Salesforce OWD/sharing rules, profile-based record access, or non-Analytics report folder sharing.
xss-and-injection-prevention
Use when writing or reviewing Visualforce pages, Apex controllers, or LWC components that output user-supplied data, build dynamic queries, or construct HTTP responses. Triggers: 'XSS in Visualforce', 'SOQL injection vulnerability', 'how to encode output in Apex', 'JSENCODE Visualforce', 'open redirect prevention'. NOT for Apex CRUD/FLS enforcement (use soql-security or apex-crud-and-fls), NOT for Shield encryption (use shield-encryption-key-management), NOT for AppExchange security review process (use secure-coding-review-checklist).