Skills
skills/groeimetai/snow-flow/notification-events/Gen Agent Trust Hub

notification-events

Warn

Audited by Gen Agent Trust Hub on Feb 23, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONREMOTE_CODE_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill defines and utilizes the snow_execute_script_with_output tool, which allows the agent to execute arbitrary JavaScript (ES5) code on the ServiceNow instance. This capability can be used to modify system state or perform administrative actions.
  • [REMOTE_CODE_EXECUTION]: The skill provides patterns for dynamic code generation, specifically demonstrating how to store script strings in the sysevent_script_action table. These scripts are then executed asynchronously by the ServiceNow event engine.
  • [DATA_EXFILTRATION]: The skill includes the snow_query_table tool, which enables the agent to read and retrieve data from any accessible table within the ServiceNow environment, potentially including sensitive system configuration or user data.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 23, 2026, 08:30 PM