ClawHub

Cisco Device Health

Security checks across malware telemetry and agentic risk

Overview

This is a Cisco network health-check guide with mostly diagnostic commands, but users should avoid treating its remediation notes as automatic read-only steps.

Install this only for Cisco device health triage. Use read-only credentials when possible, treat the main workflow as report-only, and require explicit maintenance approval before any reload, ACL/CoPP change, VDC context switch, module shutdown, or module power cycle.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Description-Behavior Mismatch

Medium
Confidence
92% confidence
Finding
The skill is labeled and framed as a read-only health-check procedure, but this section includes operational actions that can alter device state, including switching VDC context and power-cycling modules. In a troubleshooting workflow, an agent or operator could treat these as approved next steps and cause service disruption, especially on production Nexus systems where context changes or module power actions can affect visibility or availability.

Intent-Code Divergence

Medium
Confidence
90% confidence
Finding
The metadata declares the skill as `read-only`, which creates trust that the procedure will not recommend state-changing actions. Later sections contradict that guarantee by recommending non-read-only recovery steps, creating a safety-boundary mismatch that can mislead downstream agents, orchestrators, or operators into applying disruptive commands under a false assumption of safety.

Missing User Warnings

Low
Confidence
82% confidence
Finding
The document advises switching VDC context without a sufficiently explicit warning that this changes the operator's scope and can lead to incorrect diagnosis or accidental actions in the wrong VDC. In multi-VDC Nexus environments, ambiguous context handling increases the chance of operator error and can compound the risk of any subsequent commands.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal