implementing-network-access-control-with-cisco-ise

Pass

Audited by Gen Agent Trust Hub on Apr 18, 2026

Risk Level: SAFE
COMMAND_EXECUTION, CREDENTIALS_UNSAFE, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/agent.py utilizes subprocess.run to invoke the curl command-line tool. This is the primary mechanism for interacting with the Cisco ISE API. While the script passes arguments as a list to avoid shell injection, the reliance on external binary execution for network tasks is a sensitive pattern.
  • [CREDENTIALS_UNSAFE]: The automation script scripts/agent.py accepts administrative credentials via command-line flags (--username and --password), making them visible in process monitoring tools on multi-user systems. Additionally, the documentation in SKILL.md contains hardcoded example passwords like C0mpl3x$3cretKey! and CtsP@ss within configuration snippets.
  • [EXTERNAL_DOWNLOADS]: The scripts/agent.py script makes network requests to external URLs specified by the user at runtime. It explicitly includes the -k (insecure) flag in its curl commands, which disables SSL/TLS certificate verification. This bypasses a fundamental security control and exposes API communications to man-in-the-middle attacks.
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it ingests data from external API responses (such as endpoint group names and session statuses) and includes them in the agent's context without sanitization.
      • Ingestion points: scripts/agent.py (via ise_request and get_active_sessions calls)
      • Boundary markers: Absent (external data is processed and printed without clear delimiters or instructions to ignore embedded commands)
      • Capability inventory: subprocess.run (available in scripts/agent.py for system interactions)
      • Sanitization: Absent (no validation or escaping of API-provided strings before inclusion in the report or logging output)
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 18, 2026, 04:43 PM