nso-device-ops
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTIONCREDENTIALS_UNSAFECOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill accesses a remote resource at https://resources.cisco-nso-mcp.io/environment to retrieve environment-level summaries such as device counts and OS distribution. This resource is associated with the tool's specific ecosystem.\n- [PROMPT_INJECTION]: The skill interacts with external device data, creating a potential surface for indirect prompt injection.\n
- Ingestion points: Device configurations and platform information are ingested via the get_device_config and get_device_platform tools in SKILL.md.\n
- Boundary markers: There are no explicit delimiters or instructions defined in the workflow to prevent the agent from interpreting instructions embedded within the retrieved configurations.\n
- Capability inventory: The skill possesses the ability to modify the NSO Configuration Database (CDB) through the sync_from_device tool.\n
- Sanitization: No specific sanitization or filtering of the retrieved device configuration is mentioned before it is processed by the agent.\n- [CREDENTIALS_UNSAFE]: The skill requires sensitive credentials (NSO_PASSWORD) for authentication. It correctly implements security best practices by directing the user to provide these through environment variables rather than hardcoding them within the skill files.\n- [COMMAND_EXECUTION]: The skill executes the cisco-nso-mcp-server command to facilitate communication with the Cisco NSO server using stdio transport.
Audit Metadata