High-risk tools in ServiceNow-MCP
28 of the 412 tools in ServiceNow-MCP are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
commit_changesetExecuteCommit an update set (requires SCRIPTING_ENABLED=true)
-
create_business_ruleExecuteCreate a new business rule (requires SCRIPTING_ENABLED=true). ServiceNow supports ES2021 async/await in scripts.
-
create_client_scriptExecuteCreate a new client script (onLoad, onChange, onSubmit, onCellEdit) (requires SCRIPTING_ENABLED=true)
-
create_flow_actionExecuteCreate a custom Flow Designer action. **[Scripting]**
-
create_scheduled_jobExecuteCreate a new scheduled script execution job (requires WRITE_ENABLED=true)
-
create_script_includeExecuteCreate a new script include (requires SCRIPTING_ENABLED=true)
-
execute_background_scriptExecuteExecute a background script on the instance (server-side JavaScript). **[Scripting]**
-
fire_eventExecuteFire a custom ServiceNow event for a specific record (requires WRITE_ENABLED=true)
-
ml_detect_anomaliesExecuteRun anomaly detection on operational metrics (alert volume, incident trends, etc.)
-
ml_train_anomaly_detectorExecuteTrigger training of an anomaly detection model for a specific table/field. **[Write]**
-
ml_train_change_riskExecuteTrigger training of the change risk prediction ML model. **[Write]**
-
ml_train_incident_classifierExecuteTrigger training of the incident classification ML solution. **[Write]**
-
publish_changesetExecutePublish/export an update set to XML for deployment (requires SCRIPTING_ENABLED=true)
-
run_aggregate_queryExecuteRun a grouped aggregate (COUNT, SUM, AVG) query on any table (latest release: /api/now/stats/{table})
-
run_atf_suiteExecuteExecute an ATF test suite (requires ATF_ENABLED=true)
-
run_atf_testExecuteExecute a single ATF test (requires ATF_ENABLED=true)
-
run_discovery_scanExecute[Write] Trigger a ServiceNow Discovery scan for network/infrastructure
-
run_security_playbookExecuteExecute a security response playbook against an incident. **[Write]**
-
run_transform_mapExecuteExecute a Transform Map on an Import Set to load data (requires WRITE_ENABLED=true)
-
scan_vulnerabilitiesExecuteTrigger a vulnerability scan for specified CIs or groups. **[Write]**
-
switch_update_setExecuteSwitch the active Update Set context to a specified Update Set. **[Scripting]**
-
test_flowExecuteExecute a flow in test mode with sample inputs. **[Write]**
-
trigger_agentic_playbookExecuteInvoke an Agentic Playbook — context-aware AI agents that complete tasks autonomously
-
trigger_flowExecuteTrigger a Flow Designer flow with optional input parameters (requires WRITE_ENABLED=true)
-
trigger_scheduled_jobExecuteImmediately execute a scheduled job on-demand (requires WRITE_ENABLED=true)
-
update_business_ruleExecuteUpdate a business rule (requires SCRIPTING_ENABLED=true)
-
update_script_includeExecuteUpdate a script include (requires SCRIPTING_ENABLED=true)
-
update_ui_actionExecuteUpdate an existing UI Action (requires SCRIPTING_ENABLED=true)
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.