radkit-remote-access

SUSPICIOUS. The core capability is coherent with the stated purpose: Cisco RADKit legitimately provides cloud-relayed access to on-prem devices, and the documented Cisco cloud endpoint matches the skill’s data path. However, the install trust story is inconsistent because the cited CiscoDevNet project is paired with evidence of a personal-repo clone path, and the skill omits Cisco’s signed-package verification guidance. The requested certificate/key material is proportionate but highly sensitive, and the skill is explicitly read-write capable with real-world impact on network devices. This looks more like a legitimate but high-risk remote-operations skill than confirmed malware.