reporting-dashboards

Pass

Audited by Gen Agent Trust Hub on May 19, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill provides legitimate instructions and code snippets for ServiceNow development. It uses standard server-side APIs (GlideRecord, GlideAggregate) to manage reports, dashboards, and scheduled jobs within the ServiceNow platform. No suspicious external network activity, obfuscation, or sensitive data exposure was found.- [PROMPT_INJECTION]: The skill represents a surface for indirect prompt injection as it processes user-defined inputs for report configurations.
  • Ingestion points: User requests for creating reports, dashboards, and filters (SKILL.md).
  • Boundary markers: None present to delimit user-supplied parameters from tool logic.
  • Capability inventory: Tools for creating reports (snow_create_report), dashboards (snow_create_dashboard), and scheduling delivery (snow_schedule_report) (SKILL.md).
  • Sanitization: No explicit validation or escaping of user-provided filters or titles is demonstrated in the examples.
Audit Metadata
Risk Level
SAFE
Analyzed
May 19, 2026, 01:54 PM
Security Audit — agent-trust-hub — reporting-dashboards