csm-patterns
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection vulnerability surface within its example ServiceNow scripts.
- Ingestion points: User-provided content is ingested via
input.subjectandinput.descriptionin the 'Portal Case Submission' Widget Server Script. - Boundary markers: The code snippets do not implement boundary markers or instructions for the agent to ignore potentially malicious commands embedded in user input.
- Capability inventory: The skill defines high-privilege tools including
snow_execute_script_with_outputandsnow_query_table, which provide significant access to the ServiceNow environment. - Sanitization: There is no evidence of sanitization or input validation in the provided JavaScript samples before data is assigned to database fields.
Audit Metadata