SNOW-16.1: Agent Action Without Role Gate
🔴 High · ServiceNow Role-Based Access
Detects agent tool scripts that perform privileged operations without gs.hasRole() or GlideUser.isMemberOf() checks, relying solely on ACLs.
Details
| Field | Value |
|---|---|
| Rule ID | SNOW-16.1 |
| Severity | High |
| Category | ServiceNow Role-Based Access |
| Platforms | servicenow |
Remediation
Refer to the SquireX documentation for remediation guidance specific to SNOW-16.1.
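
The pattern in the rule description, as an added example that is not SquireX's own rule logic or code from the original page: a simplified source check run over two constructed tool scripts, one relying solely on ACLs and one gated with gs.hasRole(). Treating GlideRecord write and delete calls as the "privileged operations", along with the script names, table and role, is an assumption.

```javascript
// Added example: a simplified heuristic, not SquireX's rule implementation.
// Assumption: "privileged operation" means a GlideRecord write or delete call.
const PRIVILEGED = /\.(insert|update|updateMultiple|deleteRecord|deleteMultiple)\s*\(/;
const ROLE_GATE = /\bgs\.hasRole\s*\(|\.isMemberOf\s*\(/;

// Blank out comments (keeping newlines) so a commented-out gate does not count.
function stripComments(src) {
  return src
    .replace(/\/\*[\s\S]*?\*\//g, (m) => m.replace(/[^\n]/g, ' '))
    .replace(/\/\/.*$/gm, '');
}

// Returns a finding when the script writes data and never checks a role or group.
function checkToolScript(name, src) {
  const code = stripComments(src);
  const lines = [];
  code.split('\n').forEach((line, i) => {
    if (PRIVILEGED.test(line)) lines.push(i + 1);
  });
  if (lines.length === 0 || ROLE_GATE.test(code)) return null;
  return { rule: 'SNOW-16.1', script: name, lines };
}

// Constructed sample: the tool deletes a record and relies solely on ACLs.
const ungated = `
(function execute(inputs, outputs) {
  var gr = new GlideRecord('incident');
  // if (!gs.hasRole('admin')) return;
  if (gr.get(inputs.sys_id)) {
    gr.deleteRecord();
  }
})(inputs, outputs);`;

// Constructed sample: same action behind an explicit role check.
const gated = `
(function execute(inputs, outputs) {
  if (!gs.hasRole('admin')) {
    outputs.status = 'denied';
    return;
  }
  var gr = new GlideRecord('incident');
  if (gr.get(inputs.sys_id)) {
    gr.deleteRecord();
  }
})(inputs, outputs);`;

console.log(checkToolScript('ungated', ungated)); // finding at line 6
console.log(checkToolScript('gated', gated)); // null
```

A gs.hasRole() or isMemberOf() match anywhere in the script only shows that a check exists, not that it guards the write, so a clean result still needs review.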