Skills
skills/groeimetai/snow-flow/document-management/Gen Agent Trust Hub

document-management

Pass

Audited by Gen Agent Trust Hub on Feb 23, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill allows the agent to read and process attachment data from ServiceNow, which represents an indirect prompt injection surface.
  • Ingestion points: The skill reads attachment content through functions like getAttachmentContent and retrieves metadata via snow_query_table on the sys_attachment_doc table.
  • Boundary markers: No instructions are provided to isolate or treat attachment content as untrusted data within the prompt context.
  • Capability inventory: The skill provides access to the snow_execute_script_with_output tool, which enables the agent to execute arbitrary server-side code on the ServiceNow instance.
  • Sanitization: The skill lacks sanitization or validation logic for the content retrieved from ServiceNow attachment records before it is processed.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 23, 2026, 08:22 PM