field-service
Pass
Audited by Gen Agent Trust Hub on May 19, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious code or patterns detected. The skill correctly implements ServiceNow development workflows using standard GlideRecord operations for Field Service Management.- [COMMAND_EXECUTION]: The skill utilizes the
snow_execute_script_with_outputtool to run ServiceNow-specific scripts (ES5). This behavior is intended for testing and automating tasks within the ServiceNow development environment.- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by processing data from ServiceNow tables (wm_order,wm_task) that could contain untrusted input. - Ingestion points: ServiceNow record data accessed via
snow_query_table. - Boundary markers: None implemented in the provided script examples.
- Capability inventory: Includes
snow_execute_script_with_outputandsnow_query_table. - Sanitization: No input sanitization or validation is demonstrated in the processing examples.
Audit Metadata