widget-coherence
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill consists of documentation, best practice checklists, and reference code for ServiceNow development. The code examples follow standard API usage and do not contain hidden or malicious logic.
- [PROMPT_INJECTION]: The skill interprets natural language user requests to generate or modify code artifacts, which creates a surface for indirect prompt injection.
- Ingestion points: User requests regarding widget creation, fixing, or optimization (SKILL.md).
- Boundary markers: Absent.
- Capability inventory: Includes tools for artifact modification and deployment such as
snow_edit_artifact,snow_deploy, andsnow_update. - Sanitization: The skill does not provide explicit instructions for sanitizing or validating user-generated input before code generation.
Audit Metadata