event-management
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill includes the snow_execute_script_with_output tool for executing server-side JavaScript on ServiceNow, which is a legitimate feature for its development-oriented purpose.
- [PROMPT_INJECTION]: The skill design processes user instructions into ServiceNow actions, creating a surface for indirect prompt injection. Ingestion points: User queries regarding event management tasks. Boundary markers: Not explicitly implemented in the instructions. Capability inventory: Tools for table queries, event creation, and script execution. Sanitization: No specific filtering or escaping mechanisms are detailed in the templates.
Audit Metadata