pyats-security
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes multiple local scripts (e.g., $PYATS_MCP_SCRIPT, $ISE_MCP_SCRIPT, $GAIT_MCP_SCRIPT) via an execution wrapper to interact with network infrastructure and security servers.
- [EXTERNAL_DOWNLOADS]: Fetches and executes the nvd-cve-mcp-server package from the npm registry using npx to perform vulnerability lookups against the National Vulnerability Database.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes untrusted data from network device configurations.
  - Ingestion points: Running configurations and command outputs are captured via pyats_show_running_config and pyats_run_show_command.
  - Boundary markers: No explicit delimiters or instructions are provided to the agent to ignore embedded instructions within device configurations.
  - Capability inventory: The skill possesses the ability to execute shell commands, perform network operations to Cisco ISE, and record audit trails in GAIT.
  - Sanitization: No explicit sanitization, escaping, or validation of the ingested device configuration data is performed prior to processing.