SNOW-1.1: Agent Tool Without Confirmation Gate
๐จ Critical ยท ServiceNow Tool Configuration
Detects sn_aia_tool definitions configured for autonomous execution (no user confirmation) when they perform operations with side-effects. Without confirmation gates, an AI agent can autonomously execute DML, API calls, and record modifications, creating excessive agency risk.
Detailsโ
| Field | Value |
|---|---|
| Rule ID | SNOW-1.1 |
| Severity | Critical |
| Category | ServiceNow Tool Configuration |
| Platforms | servicenow |
Remediationโ
Refer to the SquireX documentation for
remediation guidance specific to SNOW-1.1.