Skill

servicenow-agent

From sundial-org-awesome-openclaw-skills-4

Provides read-only CLI access to ServiceNow Table, Attachment, Aggregate, and Service Catalog APIs with schema inspection and history retrieval. Use to query tables, fetch records by sys_id, download attachments, or get stats.

Node

OpenAPI

api-development

cli-tools

Install

npx claudepluginhub joshuarweaver/cascade-ai-ml-agents-misc-2 --plugin sundial-org-awesome-openclaw-skills-4

Tool Access

This skill uses the workspace's default tool permissions.

Preview

Use this skill to read data from ServiceNow via the Table API. Do not create or update or delete records.

Supporting Assets

cli.mjsreferences/aggregate-api.yamlreferences/attachment.yamlreferences/service-catalog-api.yamlreferences/table-api.yamlspecialists/attachments_incident.jsonspecialists/incident_history_template.jsonspecialists/incidents.jsonspecialists/inspect_incident_schema.json

SKILL.md

Similar Skills

cache-components

Guides Next.js Cache Components and Partial Prerendering (PPR) with cacheComponents enabled. Implements 'use cache', cacheLife(), cacheTag(), revalidateTag(), static/dynamic optimization, and cache debugging.

cache-components

139.2k

mcp-builder

9 files

Guides building MCP servers enabling LLMs to interact with external services via tools. Covers best practices, TypeScript/Node (MCP SDK), Python (FastMCP).

anthropics-skills-13

124.2k

canvas-design

20 files

Generates original PNG/PDF visual art via design philosophy manifestos for posters, graphics, and static designs on user request.

anthropics-skills-13

124.2k

Stats

Stars586

Forks75

Last CommitFeb 1, 2026

Actions

View Source View Plugin View on GitHub View README

ServiceNow Table API Read Only

Use this skill to read data from ServiceNow via the Table API. Do not create or update or delete records.

Configuration

Set these environment variables in the .env file in this folder.

SERVICENOW_DOMAIN instance domain such as myinstance.service-now.com
SERVICENOW_USERNAME username for basic auth
SERVICENOW_PASSWORD password for basic auth

If your domain already includes https:// then use it as is. Otherwise requests should be made to:

https://$SERVICENOW_DOMAIN

Allowed Operations GET only

Use only the GET endpoints from these files.

openapi.yaml for Table API
references/attachment.yaml for Attachment API
references/aggregate-api.yaml for Aggregate API
references/service-catalog-api.yaml for Service Catalog API

List records

GET /api/now/table/{tableName}

Get a record by sys_id

GET /api/now/table/{tableName}/{sys_id}

Never use POST or PUT or PATCH or DELETE.

Common Query Params Table API

sysparm_query encoded query such as active=true^priority=1
sysparm_fields comma separated fields to return
sysparm_limit limit record count to keep small for safety
sysparm_display_value true or false or all
sysparm_exclude_reference_link true to reduce clutter

See openapi.yaml for the full list of parameters.

CLI

Use the bundled CLI for all reads. It pulls auth from .env by default. You can override with flags.

Command overview

list table lists records from a table
get table sys_id fetches one record by sys_id
batch file.json runs multiple read requests in one call
attach reads attachments and file content
stats table aggregates stats
schema table lists valid field names and types
history table sys_id reads full comment and work note timeline
sc endpoint Service Catalog GET endpoints

Auth flags

--domain domain instance domain
--username user
--password pass

Query flags

Use any of these as --sysparm_* flags.

--sysparm_query
--sysparm_fields
--sysparm_limit
--sysparm_display_value
--sysparm_exclude_reference_link
--sysparm_suppress_pagination_header
--sysparm_view
--sysparm_query_category
--sysparm_query_no_domain
--sysparm_no_count

Attachment API params

--sysparm_query
--sysparm_suppress_pagination_header
--sysparm_limit
--sysparm_query_category

Aggregate API params

--sysparm_query
--sysparm_avg_fields
--sysparm_count
--sysparm_min_fields
--sysparm_max_fields
--sysparm_sum_fields
--sysparm_group_by
--sysparm_order_by
--sysparm_having
--sysparm_display_value
--sysparm_query_category

Service Catalog params

--sysparm_view
--sysparm_limit
--sysparm_text
--sysparm_offset
--sysparm_category
--sysparm_type
--sysparm_catalog
--sysparm_top_level_only
--record_id
--template_id
--mode

Output

--pretty pretty print JSON output
--out path save binary attachment content to a file

Examples

List recent incidents.

node cli.mjs list incident --sysparm_limit 5 --sysparm_fields number,short_description,priority,sys_id

Query with a filter.

node cli.mjs list cmdb_ci --sysparm_query "operational_status=1^install_status=1" --sysparm_limit 10

Fetch a single record.

node cli.mjs get incident <sys_id> --sysparm_fields number,short_description,opened_at

Override auth on the fly.

node cli.mjs list incident --domain myinstance.service-now.com --username admin --password "***" --sysparm_limit 3

Attachment metadata and file download.

node cli.mjs attach list --sysparm_query "table_name=incident" --sysparm_limit 5
node cli.mjs attach file <sys_id> --out /tmp/attachment.bin

Aggregate stats.

node cli.mjs stats incident --sysparm_query "active=true^priority=1" --sysparm_count true

Service Catalog read only GETs.

node cli.mjs sc catalogs --sysparm_text "laptop" --sysparm_limit 5
node cli.mjs sc items --sysparm_text "mac" --sysparm_limit 5
node cli.mjs sc item <sys_id>
node cli.mjs sc item-variables <sys_id>

Service Catalog endpoints GET only

cart
delivery-address user_id
validate-categories
on-change-choices entity_id
catalogs
catalog sys_id
catalog-categories sys_id
category sys_id
items
item sys_id
item-variables sys_id
item-delegation item_sys_id user_sys_id
producer-record producer_id record_id
record-wizard record_id wizard_id
generate-stage-pool quantity
step-configs
wishlist
wishlist-item cart_item_id
wizard sys_id

Schema Inspection

Use this if you are unsure of a field name.

node cli.mjs schema incident

Reading Ticket History

Use this to read the full conversation instead of just the current state.

node cli.mjs history incident <sys_id>

Specialist presets

Create JSON batch files under specialists/ to run multiple reads at once.

specialists/incidents.json

Each entry supports sysparm_* fields plus these items.

name label in the batch output
table target table
sys_id optional single record fetch

Run a batch preset.

node cli.mjs batch specialists/incidents.json --pretty

Output

The Table API returns JSON by default. Results appear under result.

Notes

Keep result sizes small with sysparm_limit.
Use sysparm_fields to avoid large payloads.
This skill is read only by design.

Summary of the Agent Toolkit

list and get show the current state of records.
attach shows files and screenshots.
stats shows analytics and aggregates.
sc shows requested item variables.
schema shows the database map to correct errors.
history shows the timeline of human conversations.

Observations & Notes (important)

Service Catalog endpoints may return empty arrays depending on catalog content and search text — try more specific --sysparm_text terms or increase --sysparm_limit.
sysparm_display_value is enabled by default for table reads to return human-friendly values (e.g., user names instead of sys_ids). If you need raw system ids, pass --sysparm_display_value false.
Keep --sysparm_limit small for agent-initiated queries to avoid large payloads and timeouts. Prefer stats for counts or aggregates instead of downloading many rows.
Attachments: metadata is available via attach list/attach get; use attach file <sys_id> --out <path> to download binary content for local analysis.
Schema inspection (schema) avoids guessing field names and is the recommended first step before reading unknown tables.
History (history) fetches journal entries (comments/work_notes) from sys_journal_field and is useful to read the full conversation thread for a ticket.
Use --pretty to make JSON outputs readable for human review and to help the agent summarize long results.

Recommended Batch Presets

I recommend these specialist JSON presets under specialists/ to speed up common read workflows. They are safe (read-only) and demonstrate how to combine related reads.

specialists/inspect_incident_schema.json — schema inspection for incident:

[
  {
    "name": "schema-incident",
    "table": "sys_dictionary",
    "sysparm_query": "name=incident^elementISNOTEMPTY",
    "sysparm_fields": "element,column_label,internal_type,reference",
    "sysparm_limit": 500
  }
]

specialists/incident_history_template.json — history template (replace <SYS_ID> with the target sys_id before running):

[
  {
    "name": "incident-history",
    "table": "sys_journal_field",
    "sysparm_query": "name=incident^element_id=<SYS_ID>",
    "sysparm_fields": "value,element,sys_created_on,sys_created_by",
    "sysparm_order_by": "sys_created_on",
    "sysparm_limit": 500
  }
]

specialists/attachments_incident.json — recent attachments for incident table:

[
  {
    "name": "recent-incident-attachments",
    "table": "attachment",
    "sysparm_query": "table_name=incident",
    "sysparm_fields": "sys_id,file_name,content_type,table_sys_id,sys_created_on",
    "sysparm_limit": 20
  }
]

How to use these:

For schema: node cli.mjs batch specialists/inspect_incident_schema.json --pretty
For history: replace <SYS_ID> then node cli.mjs batch specialists/incident_history_template.json --pretty (or run node cli.mjs history incident <SYS_ID> --pretty)
For attachments: node cli.mjs batch specialists/attachments_incident.json --pretty, then node cli.mjs attach file <sys_id> --out /tmp/file to download a file.

These presets are intentionally read-only and conservative (limits set small). Feel free to ask for additional presets (P1 dashboards, recent changes, escalations).