data-quality

Pass

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: SAFE
COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill leverages the SN-Execute-Background-Script tool to perform complex server-side data analysis on the ServiceNow instance, including duplicate detection and health assessments. This matches the intended administrative scope and uses official platform capabilities.
  • [DATA_EXFILTRATION]: Includes code examples in SKILL.md (Example 1) for sending quality reports via email using the GlideEmailOutbound API. This is a routine operational task for generating notifications and reports within the enterprise environment.
  • [PROMPT_INJECTION]: Identifies an indirect prompt injection surface where the agent processes data from ServiceNow tables.
      1. Ingestion points: Data retrieved from cmdb_ci and related tables in SKILL.md (Steps 1-6).
      2. Boundary markers: Absent; CI attributes are processed without delimiters to separate them from instructions.
      3. Capability inventory: The skill can modify data and execute scripts via SN-Update-Record, SN-Create-Record, and SN-Execute-Background-Script as documented across SKILL.md.
      4. Sanitization: Absent; records are handled via standard GlideRecord API calls without specific filtering for potentially malicious prompt content embedded in fields like CI names or comments.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 29, 2026, 04:36 PM