cisco-ise-cli

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt includes explicit examples and workflows that embed passwords/secrets directly into CLI commands (e.g., --password, --user-password, --radius-secret) and notes commands that reveal RADIUS shared secrets, which would force an LLM to handle and potentially emit secret values verbatim.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 0.80). The prompt explicitly instructs that an agent with shell access can bypass local protections by editing ~/.cisco-ise/config.json to remove the readOnly flag (and also exposes flags like --no-audit), which is guidance to modify the local agent environment and bypass safety controls, so it should be flagged.