user-provisioning
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFE
COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the 'SN-Execute-Background-Script' tool across several phases (Phases 1, 4, 5, 6, 7) to execute server-side JavaScript for tasks such as password generation and bulk record reassignment.
- [DATA_EXFILTRATION]: The skill accesses the 'sys_user' table in ServiceNow, which contains sensitive user information including emails, phone numbers, and employee IDs. This access is inherent to the skill's administrative function.
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection.
  1. Ingestion points: Sensitive user data is ingested from the 'sys_user' table (SKILL.md).
  2. Boundary markers: Absent; untrusted data from ServiceNow records is interpolated into administrative scripts without explicit delimiters.
  3. Capability inventory: The skill possesses high-privilege capabilities including record creation, modification, and background script execution (SKILL.md).
  4. Sanitization: Absent; there is no evidence of input validation or escaping before data is processed by the agent or ServiceNow tools.
Audit Metadata