servicenow
Fail
Audited by Gen Agent Trust Hub on Mar 31, 2026
Risk Level: HIGHEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The installation instructions recommend using "curl -fsSL https://jsn.jace.pro/install | bash", a pattern that executes remote code from a non-whitelisted domain directly in the shell without prior inspection.
- [COMMAND_EXECUTION]: The skill provides high-privilege capabilities including running arbitrary server-side scripts on ServiceNow instances using the "jsn eval" command and reading local file contents for record creation using flags like "-f script=@/tmp/script.js".
- [COMMAND_EXECUTION]: Extensive administrative control is provided over ServiceNow system tables, Access Control Lists (ACLs), and Business Rules, allowing for significant environmental modification.
- [DATA_EXFILTRATION]: The skill interacts with sensitive local credential files at "~/.config/servicenow/credentials.json", which could be targeted for exfiltration via the available network-enabled CLI commands.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection due to the lack of boundary markers when processing data from ServiceNow. 1. Ingestion points: "jsn records list", "jsn logs", "jsn rules show". 2. Boundary markers: Absent. 3. Capability inventory: "jsn eval", "jsn records update", "jsn jobs run", local file access. 4. Sanitization: Absent.
Recommendations
- HIGH: Downloads and executes remote code from: https://jsn.jace.pro/install - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata