cisco-ucce-cli
Pass
Audited by Gen Agent Trust Hub on Mar 25, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the
cisco-uccepackage from the NPM registry. This package is authored by the same entity as the skill and is required for the core functionality. - [COMMAND_EXECUTION]: The skill functions by executing shell commands using the
cisco-ucceCLI tool to interact with various Cisco APIs (Finesse, VVB, CVP, etc.). - [DATA_EXFILTRATION]: The tool manages sensitive system credentials stored in
~/.cisco-ucce/config.json. While this is standard for CLI administrative tools, users should ensure the configuration directory has restricted filesystem permissions to prevent local credential exposure. - [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface (Category 8) because it processes data from external Cisco API endpoints (such as process lists, logs, and agent statuses). If an attacker could influence the data returned by these system APIs, they could theoretically attempt to inject instructions into the agent's context.
- Ingestion points: API outputs from Cisco AW, Finesse, CVP, and Diagnostic Portal (SKILL.md).
- Boundary markers: None explicitly defined in the provided instructions.
- Capability inventory: Subprocess execution for the
cisco-ucceCLI tool and various diagnostic operations. - Sanitization: No explicit sanitization of API output is mentioned before being processed by the agent.
Audit Metadata