instance-security
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is designed for security auditing and hardening of ServiceNow instances. It provides legitimate code patterns for authentication, session management, and input validation.
- [COMMAND_EXECUTION]: The skill includes the
snow_execute_script_with_outputtool, which allows the execution of server-side JavaScript (ES5) within the ServiceNow environment. This is used for diagnostic health checks and administrative tasks. - [DATA_EXFILTRATION]: The skill utilizes the
snow_query_tabletool to access sensitive security-related tables such assys_user,sys_security_acl, andsys_properties. This data is processed locally for security auditing purposes as part of its intended function. - [REMOTE_CODE_EXECUTION]: While the skill can execute code on a remote ServiceNow instance via the provided tools, the code snippets included are defensive in nature and do not attempt to download or run external malicious payloads.
Audit Metadata