Forge Assay#
Forge Assay is a read-only health scan of your Salesforce org. It runs 37 analyses across data quality, security, automation, and PII exposure, and hands back a prioritized picture of what's wrong and who can see what.
What it checks#
- Data quality — duplicates, missing required data, stale records, broken references.
- Security — over-broad profiles and permission sets, sharing gaps, field-level-security exposure.
- Automation — overlapping or conflicting automation, orphaned flows.
- PII exposure — fields holding clear-text sensitive data, and exactly which profiles, permission sets, and users can read each one.
Read-only by design#
Assay never writes. For the self-serve experience it runs under a session layer that blocks every write at the boundary, and the PII detection works from metadata (zero record reads) plus opt-in masked sampling — no raw sensitive value is ever stored.
Free vs paid#
The free scan is the diagnosis; the paid tiers unlock the prescription.
| Tier | What you get |
|---|---|
| Free | Overall + per-category health scores, issue counts by severity, the PII headline (how many fields/objects expose clear-text sensitive data), and one fully-revealed finding as a proof sample. |
| Pro | Every finding in full — which exact fields hold PII, masked exemplars, exactly who can read each exposure, all 37 analyses, remediation steps, PDF/Excel export, historical comparison. |
| Elite | Pro, plus a one-hour presentation and remediation roadmap delivered personally. |
Tip: The sharpest result is the PII "who can read it" gap — going from "we found PII in clear text" to "here are the exact 7 fields and the 23 users who can see your customers' sensitive data."