Skills
skills/happy-technologies-llc/happy-platform-skills/workflow-creation/Gen Agent Trust Hub

workflow-creation

Warn

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: MEDIUMREMOTE_CODE_EXECUTIONCOMMAND_EXECUTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill facilitates the creation of ServiceNow workflow activities (wf_activity) that contain embedded JavaScript logic. This pattern involves the AI generating code that is subsequently executed on a remote server platform.
  • [COMMAND_EXECUTION]: The skill utilizes high-privilege tools such as SN-Execute-Background-Script and Bash. Background scripts allow for the direct execution of arbitrary server-side code within the ServiceNow instance, which bypasses many standard application controls.
  • [REMOTE_CODE_EXECUTION]: The skill provides procedures for programmatically defining, updating, and publishing workflow versions. Malicious instructions could potentially modify existing workflow logic to insert persistent backdoors or unauthorized automation.
  • [COMMAND_EXECUTION]: The skill encourages the use of SN-Create-Record and SN-Update-Record on sensitive system tables (wf_workflow_version, wf_activity), which are responsible for the execution flow of business processes.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Apr 29, 2026, 04:35 PM