cisco-yang-cli
Pass
Audited by Gen Agent Trust Hub on Mar 31, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute arbitrary CLI commands on remote network devices using the
cisco-yang execcommand, which allows for broad administrative control. - [PROMPT_INJECTION]: The skill facilitates the ingestion of data from external Cisco devices, which may contain attacker-controlled content if a device is compromised or configured with malicious strings (e.g., in descriptions or metadata). This constitutes an indirect prompt injection surface.
- Ingestion points: Data returned from
cisco-yang getandcisco-yang execcommands as described inSKILL.md. - Boundary markers: No explicit delimiters or instructions are provided to the agent to treat device output as untrusted data or to ignore embedded instructions.
- Capability inventory: The skill provides access to destructive and administrative tools including
cisco-yang set,cisco-yang delete, and unrestrictedcisco-yang exec. - Sanitization: No evidence of sanitization, filtering, or validation of the data received from the network devices before processing.
Audit Metadata