validation-rules
Use when writing, auditing, or troubleshooting Salesforce Validation Rules. Triggers: 'validation rule', 'required field formula', 'rule fires unexpectedly', 'integration failing validation', 'data quality'. NOT for Flow-based validation — use admin/flow-for-admins for that.
Best use case
validation-rules is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Use when writing, auditing, or troubleshooting Salesforce Validation Rules. Triggers: 'validation rule', 'required field formula', 'rule fires unexpectedly', 'integration failing validation', 'data quality'. NOT for Flow-based validation — use admin/flow-for-admins for that.
Teams using validation-rules should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/validation-rules/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How validation-rules Compares
| Feature / Agent | validation-rules | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Use when writing, auditing, or troubleshooting Salesforce Validation Rules. Triggers: 'validation rule', 'required field formula', 'rule fires unexpectedly', 'integration failing validation', 'data quality'. NOT for Flow-based validation — use admin/flow-for-admins for that.
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
SKILL.md Source
You are a Salesforce Admin expert in data quality enforcement. Your goal is to write validation rules that enforce the right business rules, fail gracefully for legitimate edge cases, and never block integrations or data migrations unexpectedly. ## Before Starting Check for `salesforce-context.md` in the project root. If present, read it first — particularly whether integrations use a dedicated integration user, and whether data loads are part of the org's regular operations. Only ask for information not already covered there. Gather if not available: - What object and field does this rule apply to? - Are there Record Types this rule should be scoped to? - Does an integration or data loader write to this object? - Does an admin or specific user need to bypass this rule? ## How This Skill Works ### Mode 1: Build from Scratch User has a business requirement. Goal: translate it into a correct, scoped, maintainable formula. 1. Clarify the requirement: what exact condition makes a record invalid? 2. Identify scope: all record types? all users? or a subset? 3. Write the formula: start with the condition that makes it invalid (validation fires when formula = TRUE) 4. Add scope guards: Record Type, bypass custom permission, picklist null guard 5. Write the error message: who, what, how to fix — full sentence 6. Test: happy path (valid record → no error), failure path (invalid record → correct error), edge cases (blank fields, wrong record type) ### Mode 2: Review Existing User wants to find conflicts, dead rules, or performance issues. 1. Export all validation rules for the object 2. Identify: rules that fire on all record types but should be scoped 3. Identify: rules with no bypass mechanism (block data migrations) 4. Identify: rules that use PRIORVALUE on insert (formula error at runtime) 5. Identify: conflicting rules (two rules that enforce opposite things) 6. Identify: inactive rules that should be retired or documented so they don't confuse future admins 7. Report: active rule count, issues found, recommended changes ### Mode 3: Troubleshoot Rule fires unexpectedly, integration is failing, or rule isn't firing when it should. **Rule fires unexpectedly:** 1. Check Record Type scope — does the rule fire on record types it shouldn't? 2. Check for PRIORVALUE — does the rule use PRIORVALUE on insert? (Returns null on insert, triggers unexpected formula results) 3. Check blank/null handling — does `NOT(ISBLANK(Field__c))` guard the formula properly? 4. Check if the API/integration is being caught — REST API respects validation rules by default **Rule doesn't fire:** 1. Is the rule Active? (Deactivated rules are silent) 2. Is the formula evaluating to TRUE for the invalid case? Test in Developer Console formula evaluator 3. Is a bypass mechanism active? (Custom Permission, RecordType condition, Profile condition) ## Formula Best Practices **Always guard picklist checks against blank:** ``` // BAD — fires error if Stage is blank, which is usually wrong ISPICKVAL(StageName, "Closed Won") // GOOD — only fires if Stage is explicitly Closed Won AND( NOT(ISBLANK(StageName)), ISPICKVAL(StageName, "Closed Won") ) ``` **Condition structure — validation fires when formula = TRUE:** ``` // Formula returns TRUE = record is INVALID = show error // Formula returns FALSE = record is VALID = no error // BAD (confusing) — think of this as "is the record invalid?" // GOOD mental model — "what condition makes this record wrong?" AND( ISPICKVAL(Stage, "Closed Won"), // Stage is Closed Won ISBLANK(CloseDate) // AND CloseDate is blank ) // = TRUE when Stage is Closed Won AND CloseDate is empty = fire error ``` **Bypass patterns (in order of preference):** | Bypass Method | When to Use | How | |--------------|-------------|-----| | Custom Permission | Preferred — granular, auditable | `NOT($Permission.Bypass_Validation_Rules)` | | RecordType scope | Rule shouldn't apply to certain record types | `RecordType.DeveloperName = "TargetType"` | | Profile check (not recommended) | Only if Custom Permissions not available | `$Profile.Name <> "System Administrator"` | | User field check | Almost never — hardcodes user data | Avoid | ## Error Message Standard Every error message must answer three questions: 1. **What went wrong?** (specific, not "Validation error") 2. **Why is it wrong?** (the business rule in plain English) 3. **How to fix it?** (what the user should do) ``` // BAD "Validation error." // BAD "Close Date is required." // GOOD "Close Date is required when Stage is Closed Won. Opportunities cannot be closed without a Close Date. Enter a Close Date to save this record." ``` Error placement: Use **field-level** error messages when the error is about one specific field. Use **page-level** (top of page) only when the error spans multiple fields. ## Recommended Workflow Step-by-step instructions for an AI agent or practitioner activating this skill: 1. Gather context — confirm the org edition, relevant objects, and current configuration state 2. Review official sources — check the references in this skill's well-architected.md before making changes 3. Implement or advise — apply the patterns from Core Concepts and Common Patterns sections above 4. Validate — run the skill's checker script and verify against the Review Checklist below 5. Document — record any deviations from standard patterns and update the template if needed --- ## Salesforce-Specific Gotchas | Gotcha | Detail | |---|---| | PRIORVALUE does not work on insert | `PRIORVALUE(Field__c)` returns null on insert. A rule using PRIORVALUE without a `NOT(ISNEW())` guard will evaluate with null prior value, causing unexpected behaviour on new records. | | Rules fire on REST API by default | Integration users calling the REST or SOAP API will hit validation rules unless they have a bypass mechanism. "Our Mulesoft integration is failing" is almost always a missing bypass. | | ISPICKVAL without blank guard | If a picklist field can be blank, `ISPICKVAL(Status__c, "Active")` evaluates to FALSE for blank — which may not be the intention. Guard explicitly. | | Rule order is undefined | Multiple validation rules on the same object can fire in any order. Don't write rules that depend on another rule's outcome. They're evaluated independently. | | Blank vs null in formula fields | `ISBLANK(Field__c)` returns TRUE for both blank and null text fields. For number/currency fields, a field with value 0 is NOT blank. `ISNULL(NumberField__c)` catches nulls but not 0. This distinction causes bugs. | | Rules fire during data loads | Whether using Data Loader, Data Import Wizard, or API bulk jobs, validation rules fire. Always have a bypass for data migration users. | ## Proactive Triggers Surface these WITHOUT being asked: | Trigger | Action | |---|---| | Rule uses ISPICKVAL without a blank/null guard | Flag: will evaluate unexpectedly when the picklist field is empty. Add `NOT(ISBLANK(PicklistField__c))` guard. | | Rule fires on all Record Types when it should be scoped | Ask: does this business rule apply to all record types? A "Close Date required" rule probably shouldn't fire on "Draft" record types. | | No bypass mechanism for integration or admin user | Flag: this will block every data migration and every API call that doesn't meet the condition. Add a Custom Permission bypass before go-live. | | Error message is a single word or generic phrase | Rewrite it. A bad error message is a support ticket waiting to happen. | | PRIORVALUE used without `NOT(ISNEW())` guard | Flag immediately: this formula will behave unexpectedly on record creation. | ## Output Artifacts | When you ask for... | You get... | |--------------------------------|-------------------------------------------------------------------------| | Write a rule from requirement | Complete formula + error message text + error placement recommendation | | Audit validation rules | Issue list: scope gaps, missing bypasses, formula errors | | Troubleshoot a rule | Step-by-step diagnosis + likely root cause + fix | | Bypass pattern | Custom Permission setup + formula snippet | ## Related Skills - **admin/flow-for-admins**: Use when the validation logic needs queries, orchestration, or reusable automation across objects. NOT when a formula can enforce the rule cleanly. - **admin/permission-sets-vs-profiles**: Use when the bypass model depends on Custom Permissions or persona-based access design. NOT for writing the validation formula itself. - **security/fls-crud**: Use when you need to understand how hidden fields still affect saves or Apex enforcement. NOT for declarative rule design.
Related Skills
business-rules-engine
Use when designing, building, or troubleshooting OmniStudio Business Rules Engine (BRE) artifacts: Decision Tables, Decision Matrices (rule matrices), and Expression Sets used for eligibility determination, pricing, discounting, or any complex multi-attribute rule evaluation. Trigger keywords: 'business rules engine', 'BRE', 'decision table', 'rule matrix', 'eligibility determination', 'ExpressionSetService', 'expression set evaluate'. NOT for Flow decision elements or Flow-based branching logic (use flow/* skills). NOT for Calculation Procedures that do not involve multi-condition rule lookup (use omnistudio/calculation-procedures). Requires Industries Cloud license.
lwc-forms-and-validation
Use when building or reviewing Lightning Web Component form UX, especially the choice between `lightning-record-edit-form` and custom inputs, client-side validation with `reportValidity()`, server-side validation feedback, and file upload flows. Triggers: 'record edit form in lwc', 'reportValidity not working', 'custom validation message', 'fieldErrors in onerror'. NOT for Flow screen design or Apex-only validation logic.
flow-screen-input-validation-patterns
Design input validation inside Screen Flow screens using component-level <validationRule> (formula + errorMessage), isRequired, cross-field rules on the second field, reactive components, and screen-level Decision fallbacks for cross-screen checks. Trigger keywords: screen flow validation rule, EndDate after StartDate validation in flow screen, block Next button until input valid. NOT for record-level Validation Rules — see admin/validation-rules-and-formulas. NOT for Apex-side input checks — see apex/input-validation-patterns.
post-deployment-validation
Verifying Salesforce deployments succeeded end-to-end after metadata lands in the target org. Covers validation deploys (checkOnly), quick deploy from validated IDs, Apex test result interpretation, Deployment Status page drill-down, and rollback strategies. NOT for writing Apex tests (use apex test patterns). NOT for CI/CD pipeline setup (use github-actions-for-salesforce or gitlab-ci-for-salesforce).
data-loader-picklist-validation-pre-load
When and how to pre-validate a CSV against Salesforce picklist rules and record-type assignments BEFORE running a Data Loader / Bulk API insert or upsert — restricted picklists, record-type-scoped values, inactive values, Global Value Sets, dependent picklists, multi-select delimiters, API name vs label, and the 255-char per-value limit. NOT for post-load reconciliation, NOT for general Data Loader column mapping (see data-loader-csv-column-mapping), NOT for choosing between Data Loader and Bulk API (see bulk-api-and-large-data-loads).
escalation-rules
Configure and troubleshoot Salesforce Case Escalation Rules: setting up time-based escalation entries, business hours configuration, escalation actions (email alerts and reassignment), and diagnosing why cases are not escalating. NOT for case assignment on creation (use assignment-rules), approval routing (use approval-processes), or SLA milestones in Service Cloud (use entitlement-management).
cpq-pricing-rules
Use this skill when configuring or troubleshooting Salesforce CPQ pricing: Price Rules, Price Conditions, Price Actions, Lookup Queries, Discount Schedules, Block Pricing, Percent of Total, and Contracted Prices. Trigger keywords: CPQ price rule, price action, discount schedule, block pricing, percent of total, contracted price, SBQQ__PriceRule__c, CPQ quote calculation engine, price waterfall. NOT for standard Salesforce pricebook pricing (use the products-and-pricebooks skill), CPQ product bundle configuration (use cpq-product-catalog-setup), or quote template/document setup.
assignment-rules
Use this skill when configuring or troubleshooting Lead or Case assignment rules in Salesforce: creating rule entries, setting filter criteria, assigning records to users or queues, understanding when rules run, and implementing round-robin patterns with Apex. Trigger keywords: lead assignment, case assignment, assignment rule, queue assignment, auto-assign. NOT for approval process routing (use approval-processes). NOT for Omni-Channel routing or Skills-Based Routing (those are separate routing engines). NOT for Flow-triggered field updates unrelated to ownership.
xss-and-injection-prevention
Use when writing or reviewing Visualforce pages, Apex controllers, or LWC components that output user-supplied data, build dynamic queries, or construct HTTP responses. Triggers: 'XSS in Visualforce', 'SOQL injection vulnerability', 'how to encode output in Apex', 'JSENCODE Visualforce', 'open redirect prevention'. NOT for Apex CRUD/FLS enforcement (use soql-security or apex-crud-and-fls), NOT for Shield encryption (use shield-encryption-key-management), NOT for AppExchange security review process (use secure-coding-review-checklist).
visualforce-security-and-modernization
Use when hardening or modernizing legacy Visualforce pages — covers the platform CSRF token model and when disabling it is a security regression, view state encryption guarantees and the 170 KB ceiling, FLS/CRUD enforcement gaps on `<apex:outputField>` and on getters that return sObjects, `<apex:includeScript>` interaction with the org Content Security Policy, hosting LWC inside a VF page via `lightning:container` / `lightning-out`, and the retire-vs-harden-vs-leave-alone decision for an inventory of legacy pages. Triggers: 'should I rewrite this Visualforce page in LWC', 'CSRF protection disabled on Visualforce page is that safe', 'community user sees a field they should not on a Visualforce page', 'view state encryption is that enough for sensitive data', 'how do I host an LWC inside a Visualforce page', 'apex:dynamicComponent and apex:actionFunction safe to keep'. NOT for greenfield Visualforce architecture (use apex/visualforce-fundamentals — controller types, view state pattern selection, PDF rendering); NOT for Visualforce email template authoring (use apex/visualforce-email-templates if/when that skill is authored); NOT for general Apex security review across triggers and async (use apex/soql-security and security/secure-coding-review-checklist).
transaction-security-policies
Transaction Security policy creation and configuration: condition builder, enhanced policies, enforcement actions (block, MFA, notification, end session), real-time monitoring mode, and policy troubleshooting. NOT for Event Monitoring log analysis or Shield Event Monitoring setup (use event-monitoring). NOT for Apex testing or debug-log analysis.
sso-saml-troubleshooting
Diagnosing broken SAML SSO into Salesforce — IdP-initiated vs SP-initiated flows, signing-certificate validity / expiry, NameID format mismatches, RelayState handling, audience / entityId / issuer mismatches, clock skew, the SAML Assertion Validator in Setup, the Login History debug log, and the My Domain prerequisite for SSO. Covers the standard diagnostic loop: read the SAML response, identify which check failed, fix at the IdP or SP. NOT for OAuth / OpenID Connect SSO (see security/oauth-openid-troubleshooting), NOT for setting up SSO from scratch (see security/sso-saml-setup).