Skills
skills/automateyournetwork/netclaw/radkit-remote-access/Gen Agent Trust Hub

radkit-remote-access

Warn

Audited by Gen Agent Trust Hub on Mar 18, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides tools such as exec_cli_commands_in_device and exec_command that allow for the execution of arbitrary CLI commands on remote network hardware. The documentation explicitly notes that if the authenticated user has write access, these tools can be used to push configuration changes to devices.
  • [EXTERNAL_DOWNLOADS]: The skill references and directs users to an external MCP server repository hosted by CiscoDevNet on GitHub for the underlying implementation.
  • [PROMPT_INJECTION]: The skill presents an attack surface for indirect prompt injection due to the lack of input validation on command execution parameters.
  • Ingestion points: The commands parameter in exec_cli_commands_in_device and exec_command tools (SKILL.md).
  • Boundary markers: No delimiters or instructions to ignore embedded commands are defined in the skill (SKILL.md).
  • Capability inventory: The skill possesses the capability to execute arbitrary CLI commands and perform SNMP polling on production network infrastructure (SKILL.md).
  • Sanitization: There is no documentation or evidence of input sanitization, escaping, or validation for the commands passed to the network devices.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 18, 2026, 06:12 AM