Skills
skills/automateyournetwork/netclaw/te-network-monitoring/Gen Agent Trust Hub

te-network-monitoring

Pass

Audited by Gen Agent Trust Hub on Mar 18, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches the community MCP server from the CiscoDevNet GitHub organization (CiscoDevNet/thousandeyes-mcp-community), which is a well-known and trusted source.
  • [EXTERNAL_DOWNLOADS]: Connects to the official ThousandEyes MCP remote endpoint at https://api.thousandeyes.com/mcp, an official service domain.
  • [COMMAND_EXECUTION]: Provides instructions for local installation of dependencies using standard commands (git clone, pip install) and execution of the remote transport (npx mcp-remote).
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection via untrusted data retrieved from the ThousandEyes API.
  • Ingestion points: External data from tools like te_get_test_results, te_list_tests, and te_get_dashboard_widget (SKILL.md).
  • Boundary markers: Absent; the skill lacks specific delimiters or instructions to prevent the agent from obeying commands embedded in API results.
  • Capability inventory: The official server provides Instant Tests for on-demand test execution, which could be triggered by malicious instructions in data (SKILL.md).
  • Sanitization: Absent; no explicit validation or filtering of external API content is defined before the agent processes it.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 18, 2026, 06:13 AM