The Agent Skills Directory

[COMMAND_EXECUTION]: The skill includes instructions for using the SN-Execute-Background-Script tool to run JavaScript code directly on a ServiceNow instance. While the examples provided are for legitimate administrative functions like testing events and firing notifications (e.g., in Step 3 and Step 13), the tool itself provides broad execution capabilities on the target platform.
[PROMPT_INJECTION]: The skill facilitates the creation of email notifications that include dynamic content from record fields such as ${short_description}. This presents an indirect prompt injection surface (Category 8). Ingestion points: Data enters the agent context via record fields in table sysevent_email_action and sysevent_email_template (SKILL.md). Boundary markers: None are specified to delimit user content or warn the system to ignore embedded instructions. Capability inventory: The skill has the capability to create and update records (SN-Create-Record, SN-Update-Record) and execute scripts (SN-Execute-Background-Script). Sanitization: No sanitization or escaping of external content is demonstrated before interpolation into the notification templates. This allows content provided in record fields by potentially untrusted users to be delivered to high-privilege recipients like administrators and managers.

notifications