ui-policies

Pass

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [SAFE]: Detailed analysis of the skill instructions and metadata found no evidence of malicious intent, obfuscation, or unauthorized data access. The skill's behavior is consistent with its stated purpose of ServiceNow administration.
  • [COMMAND_EXECUTION]: The skill documents the use of high-privilege administrative tools, specifically SN-Execute-Background-Script. This usage is documented as a necessary workaround for a known platform limitation regarding the linking of UI Policy Actions via the REST API. The provided JavaScript code templates are transparent and perform legitimate administrative tasks within the ServiceNow environment.
  • [PROMPT_INJECTION]: The skill presents a vulnerability surface for indirect prompt injection as it processes data retrieved from ServiceNow tables.
    • Ingestion points: Untrusted data is ingested from tables including catalog_ui_policy, catalog_ui_policy_action, and item_option_new via the SN-Query-Table tool.
    • Boundary markers: The skill does not employ specific delimiters or 'ignore' instructions for content retrieved from these tables.
    • Capability inventory: The skill has access to tools capable of record modification and server-side script execution (SN-Create-Record, SN-Update-Record, SN-Execute-Background-Script).
    • Sanitization: There is no evidence of sanitization or validation of the ingested data before it is used in subsequent agent logic or tool parameters.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 29, 2026, 04:36 PM