mikrotik-routeros-rsc
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill includes a local Python linter script (
scripts/lint_rsc.py) designed to detect security anti-patterns and idempotency issues in RouterOS scripts. This tool uses standard library modules (re, argparse, json) and performs static analysis via regular expressions without performing network requests or executing untrusted code. - [SAFE]: Documentation in
references/SAFE_PRACTICES.mdandreferences/LINTER_RULES.mdaligns with security best practices by explicitly warning against destructive commands, credential exposure in logs, and excessive privilege grants likedont-require-permissions=yes. - [EXTERNAL_DOWNLOADS]: Reference material in
references/EXAMPLES.mdprovides example scripts that use/tool fetchwith placeholder domains such asexample.com. These examples are intended to teach robust error handling and retry logic in router automation and do not constitute a security risk. - [SAFE]: Indirect Prompt Injection Surface: The linter script (
scripts/lint_rsc.py) ingests untrusted data from.rscfiles provided via command-line arguments. While boundary markers and sanitization are absent, the script's capabilities are limited to reading and pattern matching; it lacks file-write, network, or execution capabilities that could be exploited by malicious file content.
Audit Metadata