fluent-sdk
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection vulnerability surface because it ingests untrusted data from live ServiceNow instances. This data is then used to influence sensitive operations.
- Ingestion points: Untrusted data enters the agent context via the
SN-Query-TableMCP tool during verification and hybrid workflow steps (e.g., in SKILL.md Step 6). - Boundary markers: No specific delimiters or instructions to ignore embedded commands within the record data are provided to the agent.
- Capability inventory: The skill possesses high-privilege capabilities including arbitrary server-side script execution via
SN-Execute-Background-Script, fix script creation viaSN-Create-Fix-Script, and code deployment vianow-sdk deploy. - Sanitization: There is no evidence of sanitization or validation of the retrieved record content before it is interpolated into subsequent tool calls or script generation logic.
- [EXTERNAL_DOWNLOADS]: The skill and its referenced vendor files (
vendor/now-sdk-explain.md,vendor/now-sdk-setup.md) download the@servicenow/sdkpackage from the official NPM registry and reference source code from ServiceNow's official GitHub repository. These downloads originate from well-known services and trusted organizations.
Audit Metadata