happy-platform-skills

SUSPICIOUS: the core capability is mostly consistent with a ServiceNow contextual-analysis skill and uses first-party ServiceNow API patterns, but the footprint is somewhat broader than necessary due to Bash plus record-write/create actions. Main risk is install/execution trust: the skill depends on unspecified MCP tooling from a third-party publisher without pinned package/version or release verification in the skill itself. No clear credential theft, exfiltration endpoint, or malicious payload is evident.

SUSPICIOUS: The core capability aligns with the stated ServiceNow workflow-creation purpose, and the primary data flows target official ServiceNow APIs rather than an external gateway. Risk comes from credential forwarding into a third-party MCP server, a broken placeholder repo reference, broad admin-level powers, and the ability to deploy arbitrary workflow scripts and publish operational automations.