servicenow
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the installation of the
@membranehq/clipackage from the public NPM registry. This is a standard procedure for installing the necessary tooling from a well-known service to interact with the Membrane platform. - [COMMAND_EXECUTION]: The skill utilizes several shell commands via the
membraneCLI for operations such as authenticating (membrane login), managing connections (membrane connect), and executing actions (membrane action run). These commands are essential for the skill's functionality. - [DYNAMIC_EXECUTION]: Includes the ability to dynamically create new integration actions via
membrane action create, which triggers a backend build process on the Membrane platform to generate logic based on a natural language description. - [DATA_EXFILTRATION]: The skill is designed to retrieve and manipulate organizational data from ServiceNow (e.g., incidents, users, knowledge base). While this is the intended primary purpose, it establishes a surface for data access that should be monitored for unauthorized exposure.
Audit Metadata