lightning-flow-scanner-app

Detect unsafe contexts, queries in loops, hardcoded IDs, and more to optimize Salesforce Flows.

Lightning Flow Scanner Demo

Usage
- App Screens
- User Manual
Configuration
Installation
Development

Usage

Lightning Flow Scanner App integrates the Lightning Flow Scanner as a UMD module within Salesforce, enabling scanning of flow metadata for 20+ issues such as hardcoded IDs, unsafe contexts, inefficient SOQL/DML operations, recursion risks, and missing fault handling.

For details about all available rules, their default severities, and configuration options, visit the Flow Scanner Documentation.

App Views(Tabs)

Flow Overview

Violation Details

All Results View

Rule Configuration:

Rule Configuration

User Manual

Click on the App Launcher icon in the top-left corner of your Salesforce interface.
Search for “Flow Scanner” in the App Launcher.
Click on the “Flow Scanner” app to open the Scan Flows Overview.
(Optional) Configure rules in the Configuration tab.
View results of a Flow by clicking “details”.

Privacy: Zero user data collected. All processing is client-side. → See Data Handling in our Security Policy.

Configuration

While no configuration is required, Admins can define default severities, expressions, or disabled states for scan rules using the ScanRuleConfiguration__mdt custom metadata type. These overrides apply globally for all users in the org, but individual users can still adjust severities or disable rules locally in the browser — those changes only persist for their current session. For a more on configurations, review the documentation.

Go to Setup → Custom Metadata Types → ScanRuleConfiguration → Manage Records
Click New and set the following fields:

Rule Name — must match the rule’s API name (e.g., FlowName)
Severity — Error, Warning, Info, or Note
Expression (optional) — e.g., [A-Za-z]+_[0-9]+
Disabled — check to turn off the rule globally

Once saved, the Flow Scanner App automatically applies these overrides at load time.

Rule Override

Installation

Deployment Type	Installation
Managed (Recommended)
Unmanaged
Or via CLI	`sf package install --package 04tgK0000008CLlQAM --wait 10`

After installation, complete the Post-Installation Setup to configure the Connected App and assign permissions.

Development

1) Clone this repository:

git clone https://github.com/Flow-Scanner/lightning-flow-scanner-app.git

2) Create a Scratch Org

sf org:create:scratch --definition-file config/project-scratch-def.json --alias FlowScanner --duration-days 7 --set-default --json

3) Push Source to Your Org:

sf project:deploy:start

4) Assign Permission Set

sf org assign permset --name Flow_Scanner

Want to help improve Lightning Flow Scanner? See our Contributing Guidelines

This site is open source. Improve this page.