canvas-network-viz
Pass
Audited by Gen Agent Trust Hub on May 11, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill operates as a read-only visualization layer with no detected security risks or malicious behavior.
- [COMMAND_EXECUTION]: External tool interaction is strictly limited to the MCP framework (pyATS, Grafana, etc.) for data retrieval. There is no usage of shell commands, direct subprocess calls, or file system manipulation.
- [PROMPT_INJECTION]: To mitigate risks from processing external data, the skill incorporates a centralized HTML escaping utility. All data fetched from tools like ServiceNow or Prometheus is sanitized before being interpolated into visualization templates.
- [DATA_EXFILTRATION]: No unauthorized network operations were found. The skill uses a local logging system to record telemetry about visualization events for auditing purposes.
Audit Metadata