Skills
skills/groeimetai/snow-flow/field-service/Gen Agent Trust Hub

field-service

Pass

Audited by Gen Agent Trust Hub on Feb 23, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill defines workflows for processing work order data and mobile updates, creating an attack surface for indirect prompt injection.\n
  • Ingestion points: Data enters via fields in the wm_order and wm_task tables and the statusUpdate.notes parameter in SKILL.md.\n
  • Boundary markers: Absent; the provided script templates do not include delimiters or instructions to ignore embedded commands.\n
  • Capability inventory: The skill utilizes the snow_execute_script_with_output tool and performs GlideRecord insert and update operations in SKILL.md.\n
  • Sanitization: Absent; the examples do not demonstrate validation or escaping of the ingested data.\n- [COMMAND_EXECUTION]: The snow_execute_script_with_output tool allows for the execution of arbitrary server-side JavaScript on a ServiceNow instance, which is the primary intended function for this development skill.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 23, 2026, 08:32 PM