clab-lab-management

Pass

Audited by Gen Agent Trust Hub on Mar 18, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION, CREDENTIALS_UNSAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill includes an execCommand tool designed to run commands on containerized lab nodes. This is a core functionality for network lab management and is restricted to the managed lab environment.
  • [PROMPT_INJECTION]: The skill exposes an attack surface for indirect prompt injection via the topology JSON and command execution tools.
      1. Ingestion points: deployLab (topologyContent) and execCommand (command).
      2. Boundary markers: The documentation does not specify the use of delimiters or boundary instructions for processing these inputs.
      3. Capability inventory: The skill can execute commands on nodes and manage lab infrastructure.
      4. Sanitization: No sanitization or input validation mechanisms are described in the markdown.
  • [CREDENTIALS_UNSAFE]: The skill requires API authentication but follows security best practices by utilizing environment variables (CLAB_API_USERNAME, CLAB_API_PASSWORD) rather than hardcoding sensitive credentials.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 18, 2026, 06:12 AM