In the Yokohama Patch 6/Zurich Patch 1 release, ServiceNow has released new security improvements to control access and visibility of your AI Agents and Now Assist skills.
AI Agents
Role-based access configuration options are now available directly in AI Agent Studio. It is now a required configuration in order to Save and Continue. This allows you to define who can discover and use a particular AI Agent. It then also allows you to determine what entity you want the AI Agent to run as.
When it comes to selecting the entity an AI Agent can run as, you have a decision to make: either run as a "Dynamic user" which inherits the permissions of the invoking user (default); or use a new type of sys_user called "AI user". This AI user will have your own preconfigured set of roles and will be independent of the invoking user. This is beneficial when the AI Agent needs permissions that are greater/different than the invoking user. Be aware that the ACLs on the AI Agent tools such as Flow Action, Subflow, or Skills checks against the entity this AI Agent will run as. Also, don't forget when you configure triggers in agentic workflows, that has its own set of conditions to configure.
Note: When using the Script tool or building flows with Script steps, we recommend using GlideRecordSecure() and addUserEncodedQuery() functions for better security.
Note: You can minimize potential negative impact of an AI agent not executing as expected by configuring AI agents' tools to run in supervised mode. This will ensure human oversight for the tool's actions. You can use the Supervised mode to enhance security for agents with the capability to perform sensitive or critical actions.
You can set the supervised execution mode when creating a tool in the AI agent guided setup. For example, choose Supervised as the Execution mode when adding a catalog item tool.
Skill Kit
Users can now define access controls (ACLs) while creating or modifying skills in Skill Kit. You can do so by selecting the role(s) that a user needs to have to successfully invoke a skill.
If you have existing AI Agents or custom skills, it's recommended to review your access control for these features using our newly provided security tools.
