change-management
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill contains a vulnerability surface for indirect prompt injection where malicious instructions could be embedded in user-provided change data.
- Ingestion points: User-provided strings for ServiceNow fields such as 'short_description', 'description', 'justification', and implementation plans within SKILL.md.
- Boundary markers: There are no explicit boundary markers or 'ignore embedded instructions' warnings present in the code templates to separate user data from programmatic logic.
- Capability inventory: The skill provides significant capabilities to modify ServiceNow data via tools like snow_change_create, snow_create_change_task, and snow_update_change_state, and to read data via snow_query_table.
- Sanitization: The provided JavaScript (ES5) snippets do not demonstrate input sanitization or validation before calling GlideRecord's setValue or tool methods.
Audit Metadata