configuration-validation
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is designed for administrative quality assurance. It provides systematic checklists for validating ServiceNow configurations and uses standard platform interaction patterns.
- [COMMAND_EXECUTION]: The troubleshooting section includes an example of using a background script tool to perform syntax validation via
eval(). This is restricted to checking the validity of existing scripts within the ServiceNow instance's server-side environment and is consistent with the skill's purpose. - [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection as it retrieves and processes configuration data from ServiceNow tables (e.g.,
sys_script,sc_cat_item). - Ingestion points: Data is ingested via
SN-Query-Tableand REST API calls to ServiceNow configuration tables inSKILL.md. - Boundary markers: None present; the instructions do not include specific delimiters or warnings to ignore instructions embedded in the retrieved configuration data.
- Capability inventory: The skill utilizes
Bash,SN-Query-Table,SN-Validate-Configuration, andSN-Get-Table-Schema. - Sanitization: No sanitization or escaping of the configuration content is mentioned prior to the agent's analysis or reporting.
Audit Metadata