mobile-development

Pass

Audited by Gen Agent Trust Hub on Feb 23, 2026

Risk Level: SAFE
Flagged categories: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the snow_execute_script_with_output tool, which executes arbitrary server-side JavaScript (ES5) inside the ServiceNow instance. This gives the agent broad access to the platform's system APIs and to database operations.
  • [PROMPT_INJECTION]: The processOfflineChanges function in SKILL.md exposes a surface for indirect prompt injection (Category 8). It reads entries from a queue and applies state changes to the database based on unvalidated JSON input.
    • Ingestion points: Untrusted data enters the context from the changes field of the sys_sg_offline_queue table.
    • Boundary markers: None. The script has no delimiters around the queued data and no instruction to ignore commands embedded in it.
    • Capability inventory: The skill can modify any record in the database through GlideRecord.update() and can run arbitrary scripts through snow_execute_script_with_output.
    • Sanitization: There is no evidence of sanitization, key whitelisting, or value validation before the queued data reaches the gr.setValue() and gr.update() calls; every key in the JSON object becomes a field write.
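The following is an added example, not code from the audited skill or from ServiceNow. It shows the unvalidated-apply pattern the PROMPT_INJECTION finding describes (every key of the queued JSON becomes a gr.setValue() call, followed by gr.update()) beside a hardened form that whitelists writable fields per table and validates each value before anything is written. It is written in ES5 style so it would also paste into a server-side script; the FakeGlideRecord class is a constructed in-memory stand-in for the real GlideRecord API so that it runs offline, and the incident field set and the sample payload are hypothetical.

```javascript
// Added example: unvalidated apply vs. whitelisted apply of queued "changes" JSON.
// FakeGlideRecord is a constructed stand-in for GlideRecord (not the real API).
function FakeGlideRecord(table, fields) {
  this.table = table;
  this.fields = fields;   // stored values
  this.pending = {};      // values staged by setValue() until update()
  this.updates = 0;
}
FakeGlideRecord.prototype.setValue = function (name, value) { this.pending[name] = value; };
FakeGlideRecord.prototype.getValue = function (name) { return this.fields[name]; };
FakeGlideRecord.prototype.update = function () {
  for (var k in this.pending) {
    if (Object.prototype.hasOwnProperty.call(this.pending, k)) this.fields[k] = this.pending[k];
  }
  this.pending = {};
  this.updates++;
  return true;
};

// Vulnerable pattern described in the finding: whatever keys the queue entry
// carries are written straight to the record.
function applyChangesUnsafe(gr, changesJson) {
  var changes = JSON.parse(changesJson);
  for (var field in changes) {
    if (Object.prototype.hasOwnProperty.call(changes, field)) gr.setValue(field, changes[field]);
  }
  gr.update();
  return gr.fields;
}

// Hardened pattern: per-table whitelist of writable fields, one validator each.
// Hypothetical field set chosen for illustration.
var ALLOWED_FIELDS = {
  incident: {
    short_description: function (v) { return typeof v === 'string' && v.length > 0 && v.length <= 160; },
    state: function (v) { return typeof v === 'number' && v === Math.floor(v) && v >= 1 && v <= 7; },
    work_notes: function (v) { return typeof v === 'string' && v.length <= 4000; }
  }
};

function applyChangesHardened(gr, changesJson) {
  var result = { applied: [], rejected: [], updated: false };
  var changes;
  try {
    changes = JSON.parse(changesJson);
  } catch (e) {
    result.rejected.push('<malformed JSON>');
    return result;
  }
  if (changes === null || typeof changes !== 'object' || Array.isArray(changes)) {
    result.rejected.push('<not an object>');
    return result;
  }
  var allowed = ALLOWED_FIELDS[gr.table] || {};
  for (var field in changes) {
    if (!Object.prototype.hasOwnProperty.call(changes, field)) continue;
    // hasOwnProperty on the whitelist also rejects keys such as "__proto__" or "constructor".
    var validator = Object.prototype.hasOwnProperty.call(allowed, field) ? allowed[field] : null;
    if (validator && validator(changes[field])) {
      gr.setValue(field, changes[field]);
      result.applied.push(field);
    } else {
      result.rejected.push(field);   // unknown key or bad value: dropped, never written
    }
  }
  if (result.applied.length > 0) result.updated = gr.update();
  return result;
}

// Constructed sample payload, as it might sit in the queue's "changes" field.
var QUEUED_CHANGES = JSON.stringify({
  short_description: 'Printer offline',
  state: 2,
  assigned_to: 'attacker_sys_id',   // a mobile client should not be able to set this
  sys_class_name: 'sc_request'      // would reclassify the record
});

function freshIncident() {
  return new FakeGlideRecord('incident', {
    short_description: 'old', state: 1, assigned_to: 'alice', sys_class_name: 'incident'
  });
}
```

Running applyChangesUnsafe with QUEUED_CHANGES reassigns the record and changes its class; applyChangesHardened writes only short_description and state and reports assigned_to and sys_class_name as rejected. In production the whitelist would be keyed by the real tables the offline queue targets, and rejected keys should be logged rather than silently dropped so that tampered queue entries are visible to the SOC.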
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 23, 2026, 08:29 PM