Critical-risk tools in Servicenow
2 of the 41 tools in Servicenow are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at critical risk
-
servicenow_bulk_deleteDestructiveDelete multiple records matching a query. Dry-run by default — always preview before committing. Args: - table (string): Target table - query (string): Encoded query to sel...
-
servicenow_delete_recordDestructivePermanently delete a ServiceNow record by sys_id. This action is irreversible. Args: - table (string): Table name - sys_id (string): sys_id of the record to delete Returns...
Attacks that target this class
Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.