ServiceNow
Suspicious
Audited by ClawScan on May 10, 2026.
Overview
The skill appears purpose-aligned, but it gives an agent broad ServiceNow read/write/delete and bulk-change powers across any table, so it needs careful permissioning and review.
Install only if you are comfortable giving the agent ServiceNow API access. Use a dedicated least-privilege account, restrict table permissions, review all writes/deletes/batch actions before execution, and start with dry-run or read-only use in non-production.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the configured ServiceNow account has broad permissions, the agent could create, modify, or delete sensitive business records across the instance.
The skill exposes broad ServiceNow Table API mutation authority across arbitrary tables rather than limiting itself to a small, predefined workflow or table set.
description: "Connect your AI agent to ServiceNow — query, create, update, and manage records across any table ... Full CRUD operations"
Use a dedicated least-privilege ServiceNow integration account, allow only needed tables/actions, and require explicit human approval for create, update, delete, attachment upload/download, and batch operations.
A single incorrect bulk query could close, update, or delete many ServiceNow records and disrupt ITSM, CMDB, or other business workflows.
The batch feature can affect hundreds or thousands of matching records from one encoded query; dry-run and --confirm help, but a mistaken query or overbroad agent action could still propagate widely.
sn_batch — Bulk update or delete records ... Runs in dry-run mode by default ... Pass `--confirm` to execute ... safety cap at 10000
Keep dry-run as the default, lower batch limits where possible, inspect matched records before execution, and require a separate human confirmation step for any bulk mutation.
Using an admin or broadly privileged ServiceNow account would give the agent broad read/write/delete authority.
The script requires ServiceNow credentials and uses them for Basic Auth to the configured instance, which is expected but means the agent operates with that account's privileges.
: "${SN_INSTANCE:?SN_INSTANCE env var required ...}" ... : "${SN_USER:?SN_USER env var required}" ... : "${SN_PASSWORD:?SN_PASSWORD env var required}" ... AUTH="$SN_USER:$SN_PASSWORD"
Do not use a personal admin account. Create a dedicated API user with least-privilege ACLs, rotate the password, and store credentials securely outside the skill files.
Users have less provenance information to verify that the reviewed files match the publisher's intended release.
The registry metadata does not provide a verified source, which matters more for a high-impact administrative integration, even though the provided artifacts do include a script and no install-time downloader.
Source: unknown
Verify the publisher, compare against the advertised GitHub/homepage if available, and prefer pinned, auditable releases for production ServiceNow access.
