pyats-troubleshoot
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes local Python execution via environment variables (
$MCP_CALL,$PYATS_MCP_SCRIPT) to run network diagnostic tools and interface with infrastructure. This is consistent with the skill's primary purpose of network troubleshooting. - [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection as it processes untrusted data from network device outputs (logs, show commands) and NetBox objects.
- Ingestion points: Data enters the agent context through
pyats_run_show_command,pyats_show_logging, andnetbox_get_objectscalls inSKILL.md. - Boundary markers: No explicit delimiters or instructions to ignore embedded content are present in the provided command templates.
- Capability inventory: The skill has the ability to execute
python3subprocesses and perform network operations (ping, SSH via pyATS) as defined inSKILL.md. - Sanitization: No evidence of input/output sanitization or validation is present within the markdown instructions.
- [DATA_EXPOSURE]: The skill accesses sensitive network configuration data, including routing tables, ARP entries, and device logs, which is necessary for its diagnostic functions. No evidence of exfiltration to external or untrusted domains was found.
Audit Metadata