Skills
skills/happy-technologies-llc/happy-platform-skills/instance-management/Gen Agent Trust Hub

instance-management

Pass

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill requests access to the native Bash tool to perform network connectivity tests and verify instance URLs. This provides the agent with shell access, which is a powerful system capability that requires user oversight during execution.
  • [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection because it ingests and processes data from external ServiceNow environments.
  • Ingestion points: Records and system properties retrieved via the SN-Query-Table tool and REST API endpoints (SKILL.md).
  • Boundary markers: Absent; the instructions do not include specific delimiters or directions for the agent to ignore instructions that might be embedded in the retrieved ServiceNow data.
  • Capability inventory: The agent is granted access to the native Bash and Read tools, as well as the SN-Execute-Background-Script MCP tool, which allow for significant system and remote instance operations (SKILL.md).
  • Sanitization: Absent; the skill does not instruct the agent to validate or sanitize the content of ServiceNow records before processing them.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 29, 2026, 04:36 PM