pyats-dynamic-test

Warn

Audited by Gen Agent Trust Hub on Mar 18, 2026

Risk Level: MEDIUM
REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill facilitates the execution of full Python source code provided via the test_script parameter to the pyats_run_dynamic_test tool. This allows for arbitrary logic to be run within the execution environment.
  • [COMMAND_EXECUTION]: The provided examples demonstrate the capability to connect to network devices and execute commands (e.g., show ip ospf neighbor, ping) which can be used to read or modify network state.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface (Category 8).
      • Ingestion points: The test_script parameter of the pyats_run_dynamic_test tool in SKILL.md.
      • Boundary markers: No delimiters or instructions to ignore embedded commands are specified for the script input.
      • Capability inventory: The skill can execute Python code, connect to devices, and run network commands.
      • Sanitization: Although the documentation lists banned imports (e.g., os, requests) and functions (e.g., eval, open), there is no mention of how these are technically enforced, making the sandbox potentially bypassable through introspection or obfuscation.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 18, 2026, 06:12 AM