code-review
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious behavior or intent was detected in the skill instructions or metadata. The code examples provided are educational and demonstrate secure vs. insecure ServiceNow development practices.
- [COMMAND_EXECUTION]: The skill incorporates the `snow_execute_script_with_output` tool. This is a legitimate vendor resource for ServiceNow automation and does not constitute a security violation in this context.
- [PROMPT_INJECTION]: An indirect prompt injection surface was identified because the skill processes untrusted code artifacts.
  1. Ingestion points: `snow_analyze_artifact` tool and user-provided code blocks.
  2. Boundary markers: Absent.
  3. Capability inventory: `snow_execute_script_with_output` provides script execution.
  4. Sanitization: Not specified for the code under review.

  This surface is inherent to the skill's purpose as a code reviewer.
Audit Metadata