pyats-health-check
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes shell commands to interact with network automation tools (pyATS, NetBox). These commands are used strictly for diagnostic purposes, such as retrieving CPU/memory utilization, interface statistics, and hardware inventory. The usage of environment variables like $MCP_CALL and $PYATS_MCP_SCRIPT indicates integration with a controlled vendor environment.
- [PROMPT_INJECTION]: The skill processes untrusted external data from network device logs (Step 7: System Logs) and command outputs. While this constitutes an indirect prompt injection surface, the risk is inherent to network monitoring tasks and the skill does not grant elevated privileges based on this data.
- Ingestion points: Output from pyats_show_logging and pyats_run_show_command are parsed for status flags.
- Boundary markers: None present; the agent parses raw device output.
- Capability inventory: The skill can execute shell commands via MCP scripts and record data to GAIT audit trails.
- Sanitization: No explicit sanitization of device output is performed before processing.
Audit Metadata