servicenow

SUSPICIOUS: the skill is largely coherent with its stated ServiceNow admin purpose and appears to send data directly to ServiceNow, not a credential-harvesting proxy. The main concerns are the curl|bash installer from a self-hosted domain and the very powerful operational surface area (eval, deletes, job runs), which make it medium risk rather than benign.