Fortigate Firewall Audit

Security checks across malware telemetry and agentic risk

Overview

This is a FortiGate audit guide whose commands fit a firewall review, but review each command before running it: some are operational diagnostics (for example ping or FortiGuard rating checks) or change CLI session state rather than being purely passive reads.

Install only if you are authorized to audit the target FortiGate devices. Use a least-privilege FortiOS account, review each command before execution, avoid unattended command execution from this guide, get approval before active diagnostics like ping or FortiGuard rating checks, and treat raw CLI output as sensitive security data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Intent-Code Divergence

Severity: Medium
Confidence: 93%
Finding: The document asserts that all listed commands are read-only, safe, and exclude `execute` commands, but later includes `execute log filter` and `execute log display`. Even if these log commands are low risk, the contradiction can cause an automation agent or operator to over-trust the reference and execute commands under a false safety guarantee.

Missing User Warnings

Severity: Medium
Confidence: 95%
Finding: Presenting the entire command set as read-only and safe is misleading because some commands change CLI context or session state. In an agent skill, inaccurate safety labeling is dangerous because downstream tooling may rely on that guarantee to decide whether commands can be run automatically on production firewalls.

Missing User Warnings

Severity: Low
Confidence: 89%
Finding: `config vdom`, `edit <vdom-name>`, and `config global` are configuration-mode commands, not simple query commands, even if no change is made afterward. In this audit skill context, that increases the chance an agent enters a mutable mode on a production device, where a follow-on mistake or command injection could alter configuration.

Missing User Warnings

Severity: Low
Confidence: 87%
Finding: `execute log filter` modifies the active CLI log filter state, so calling it 'read-only and safe' without warning is inaccurate. While the impact is limited, hidden session-state changes can confuse operators, taint subsequent outputs, and undermine assumptions made by automation about command side effects.
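The gate that the overview's "review each command before execution" guidance and the four findings above both call for, written here as an added example (it is not code from the audit skill or from SkillSpector). It classifies FortiOS CLI lines by side effect, tracks config-mode depth with a stack so that `end` unwinds an `edit` as well as its `config`, and lets an unattended agent run only passive queries issued outside any config context; everything else, including `execute log filter`, `config vdom`, `config global`, active diagnostics such as `execute ping`, and any verb it does not recognise, is held for a human. The FortiOS verbs are real CLI syntax; the tier names, the mapping of verbs to tiers, the `Decision` type and the `SAMPLE_COMMANDS` list are this example's own assumptions, and the sample list is a constructed excerpt in the style of an audit command list, not the skill's actual file.

```python
from dataclasses import dataclass

# Side-effect tiers, least to most risky. The tier names and the assignment of
# verbs to tiers below are this example's assumptions, not FortiOS semantics.
READ_ONLY = "read-only"                  # pure query; may run unattended
SESSION_STATE = "session-state"          # alters CLI session state (log filter, debug flags)
ACTIVE_DIAGNOSTIC = "active-diagnostic"  # sends traffic or external lookups; needs approval
CONFIG_MODE = "config-mode"              # enters or leaves a mutable configuration context
MUTATING = "mutating"                    # changes device configuration or runtime state
UNKNOWN = "unknown"                      # not on the list; never auto-run

# Prefix rules on real FortiOS verbs. Longest prefix wins, so "execute log filter"
# is matched before the generic "execute" (which is deliberately UNKNOWN).
_RULES = sorted([
    ("execute log filter", SESSION_STATE),
    ("execute log display", READ_ONLY),
    ("execute ping", ACTIVE_DIAGNOSTIC),
    ("execute traceroute", ACTIVE_DIAGNOSTIC),
    ("execute reboot", MUTATING),
    ("execute factoryreset", MUTATING),
    ("execute", UNKNOWN),
    ("diagnose sys session list", READ_ONLY),
    ("diagnose sys session stat", READ_ONLY),
    ("diagnose sys session clear", MUTATING),
    ("diagnose debug", SESSION_STATE),
    ("diagnose", UNKNOWN),
    ("get", READ_ONLY),
    ("show", READ_ONLY),
    ("config", CONFIG_MODE),
    ("edit", CONFIG_MODE),
    ("next", CONFIG_MODE),
    ("end", CONFIG_MODE),
    ("set", MUTATING),
    ("unset", MUTATING),
    ("delete", MUTATING),
    ("purge", MUTATING),
], key=lambda rule: -len(rule[0]))

_REASONS = {
    READ_ONLY: "passive query outside config mode",
    SESSION_STATE: "changes CLI session state; later output depends on it",
    ACTIVE_DIAGNOSTIC: "generates traffic or external lookups; get approval first",
    CONFIG_MODE: "enters or leaves configuration mode; a follow-on typo or injection can mutate config",
    MUTATING: "changes configuration or device state",
    UNKNOWN: "unrecognised command; review manually",
}


def normalize(line: str) -> str:
    """Collapse whitespace and lowercase so prefix matching is stable."""
    return " ".join(line.strip().split()).lower()


def classify(line: str) -> str:
    """Return the side-effect tier for one FortiOS CLI line."""
    cmd = normalize(line)
    for prefix, tier in _RULES:
        if cmd == prefix or cmd.startswith(prefix + " "):
            return tier
    return UNKNOWN


@dataclass
class Decision:
    command: str
    tier: str
    in_config_context: bool
    auto_ok: bool
    reason: str


def review_plan(lines):
    """Walk a command list in order and decide per line whether an unattended
    agent may run it. A stack models FortiOS context: `config`/`edit` push,
    `next` pops one `edit`, `end` pops through the nearest `config`. Only
    read-only commands issued outside any config context are auto-approved."""
    stack = []
    decisions = []
    for line in lines:
        cmd = normalize(line)
        if not cmd or cmd.startswith("#"):
            continue  # blank or comment line
        tier = classify(line)
        if tier == CONFIG_MODE:
            verb = cmd.split()[0]
            if verb in ("config", "edit"):
                stack.append(verb)
            elif verb == "next":
                if stack and stack[-1] == "edit":
                    stack.pop()
            else:  # end
                while stack and stack.pop() != "config":
                    pass
        in_cfg = bool(stack)
        auto_ok = tier == READ_ONLY and not in_cfg
        reason = _REASONS[tier]
        if tier == READ_ONLY and in_cfg:
            reason = "query issued inside a mutable config context; review"
        decisions.append(Decision(line.strip(), tier, in_cfg, auto_ok, reason))
    return decisions


def safety_claim_violations(lines):
    """Check a guide's 'all commands are read-only and safe' claim: return the
    commands that contradict it (an empty list means the claim holds)."""
    return [d.command for d in review_plan(lines) if not d.auto_ok]


# Constructed excerpt in the style of an audit command list (not the skill's
# actual file), including the lines the findings above call out.
SAMPLE_COMMANDS = [
    "get system status",
    "show system interface",
    "execute log filter category 0",
    "execute log display",
    "config vdom",
    "edit root",
    "get system interface physical",
    "end",
    "config global",
    "end",
    "execute ping 10.0.0.1",
    "diagnose sys session list",
    "config system global",
    "set admintimeout 480",
    "end",
]

if __name__ == "__main__":
    for d in review_plan(SAMPLE_COMMANDS):
        flag = "AUTO" if d.auto_ok else "HOLD"
        print(f"{flag} [{d.tier:17}] {d.command:32} {d.reason}")
```

Run it over the skill's own command list instead of `SAMPLE_COMMANDS`: a non-empty result from `safety_claim_violations` is exactly the intent-code divergence the first finding reports. Note that `get system interface physical` is held even though it is a query, because it is issued inside `config vdom` / `edit root`, which is the point of the third finding.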

VirusTotal

64/64 vendors flagged this skill as clean.
