pyats-parallel-ops
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by aggregating data from network devices (e.g., configurations, logs, and routing tables). This data is treated as untrusted input that could potentially contain malicious instructions aimed at overriding the agent's logic during analysis.
- Ingestion points: Data collected via pyats_run_show_command, pyats_show_logging, and pyats_show_running_config in SKILL.md.
- Boundary markers: No specific delimiters or instructions to ignore embedded commands are present in the aggregation examples.
- Capability inventory: The skill utilizes subprocess execution through python3 and the $MCP_CALL environment variable.
- Sanitization: No sanitization or validation of device output is described before it is used for fleet-wide reporting.
- [COMMAND_EXECUTION]: The skill uses python3 and environment variables ($MCP_CALL, $PYATS_MCP_SCRIPT) to execute commands in parallel across multiple devices. This behavior is the primary intended function of the skill for fleet-wide network automation.
Audit Metadata