Cisco IOSXR Hardening

Security checks across malware telemetry and agentic risk

Overview

This skill is a narrow third-party API wrapper for generating Cisco IOS XR hardening snippets, with operational and privacy caveats but no hidden local execution or automatic device changes.

Before installing, verify the ToolWeb/api.mkkpro provider and avoid sending real device secrets or sensitive production details unless you accept its data handling. Review and lab-test any generated IOS XR configuration before using it on live routers, especially changes involving AAA, SSH, ACLs, logging, or service shutdowns.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings

Medium (87% confidence)
Finding
The skill explicitly states that generated configurations can be directly deployed, but it does not warn that hardening changes may lock out administrators, disrupt management access, or affect device availability if applied without validation. In a network infrastructure context, omission of deployment-risk warnings can lead users to apply generated configs blindly to production routers, increasing the chance of self-inflicted outages or loss of access.

Vague Triggers

Medium (90% confidence)
Finding
The POST operation is described only as 'Generate Hardening Config', which does not clearly constrain valid use cases, inputs, or safety boundaries for when the skill should be invoked. In an agent setting, broad or underspecified action descriptions increase the risk of misuse, over-invocation, or application to unintended targets, especially for security-sensitive configuration generation.

Missing User Warnings

Medium (92% confidence)
Finding
The request schema accepts sessionId and userId values, but the OpenAPI spec provides no visible privacy notice, purpose limitation, retention guidance, or handling constraints for this potentially sensitive metadata. In agent-integrated environments, collecting identifiers without documented data-handling expectations can lead to unnecessary exposure, logging, correlation, or downstream privacy violations.

VirusTotal

65/65 vendors flagged this skill as clean.