rest-integration
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The skill defines and documents the use of the
snow_execute_script_with_outputtool, which enables the agent to execute arbitrary JavaScript code on a ServiceNow instance. - [DATA_EXFILTRATION]: The skill provides templates and tools (
snow_test_rest_connection,snow_create_rest_message) designed to facilitate outbound network connections and data transfer to external HTTP endpoints. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through external data ingestion.
- Ingestion points: External API responses are retrieved via
response.getBody()and parsed usingJSON.parse()in several code examples (e.g., Basic GET Request, Parse JSON Response). - Boundary markers: No boundary markers or "ignore embedded instructions" delimiters are implemented for the external data being processed.
- Capability inventory: The skill possesses high-privilege capabilities including script execution (
snow_execute_script_with_output) and outbound network requests. - Sanitization: There is no evidence of sanitization, validation, or escaping of the content returned from external APIs before it is processed or logged.
Audit Metadata