ClawHub

Juniper Device Health

Security checks across malware telemetry and agentic risk

Overview

This Juniper health-check skill is mostly a normal diagnostic guide, but it is labeled read-only while recommending actions that can change or delete data on network devices.

Install only if you treat this as an operational network-device triage skill, not a strictly read-only one. Limit credentials where possible, and require explicit operator approval before running any request, cleanup, rescue-save, rollback, file-removal, or power-cycle action, especially during incidents where logs and core dumps may be needed for support or forensics.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (7)

Description-Behavior Mismatch

Medium
Confidence
91% confidence
Finding
The skill is labeled and presented as a read-only health-check procedure, but it instructs the operator to use `request routing-engine login other-routing-engine`, which changes session context and crosses from passive observation into an operational action. In security-sensitive automation, mismatches between declared safety tier and actual behavior are dangerous because downstream systems or users may trust the metadata and permit execution they otherwise would review more carefully.

Description-Behavior Mismatch

Medium
Confidence
98% confidence
Finding
This section recommends `request system storage cleanup` and selective file removal, both of which modify device state and can delete logs, core dumps, or software artifacts that may be needed for forensics, rollback, or support escalation. Presenting destructive cleanup inside a supposedly read-only diagnostic skill materially increases the risk of accidental execution, especially during incident response when operators may follow steps quickly.

Description-Behavior Mismatch

Medium
Confidence
95% confidence
Finding
The decision tree recommends rollback and FPC power-cycle actions, which are state-changing recovery steps outside the scope of a health-check procedure. Embedding remediation in a triage tree makes it more likely that an automated or hurried user will treat these as approved next steps, potentially causing outages, route changes, or hardware disruption.

Description-Behavior Mismatch

Medium
Confidence
96% confidence
Finding
The alarm triage section includes `request system configuration rescue save` and advises FPC power cycling, both of which alter device state and exceed read-only analysis. This is dangerous because alarm workflows are often followed during degraded conditions, where unreviewed recovery actions can worsen outages or overwrite intended configuration recovery state.

Intent-Code Divergence

High
Confidence
99% confidence
Finding
The metadata explicitly declares the skill as `read-only`, yet the document contains multiple state-changing commands and remediation steps. This inconsistency can subvert policy enforcement, tool routing, or user trust models that rely on safety metadata, leading to unauthorized operational changes under the guise of a safe diagnostic procedure.

Intent-Code Divergence

Medium
Confidence
90% confidence
Finding
The document explicitly states that all commands are read-only, but it includes `request routing-engine login other-routing-engine`, which is not purely observational and initiates an interactive session change. That mismatch can cause an operator or downstream agent to trust the command set as non-invasive and execute a command with broader access or workflow side effects than expected.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
Destructive cleanup and removal guidance is presented without an explicit warning, preservation step, or confirmation requirement. On network devices, deleting logs, core dumps, or images can erase incident evidence, hinder JTAC support, and create recovery risk, so omission of safeguards meaningfully increases the chance of damaging operator mistakes.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal