Back to skill

Security audit

Fabric Aiops

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed Meraki network-operations tool with guarded writes and local credential storage, but users should handle its master password carefully.

Install only if you intend to let an agent operate a Cisco Meraki organization. Prefer interactive unlocks or a managed secret store for FABRIC_AIOPS_MASTER_PASSWORD, avoid putting it directly in shell history or logs, use read-only Meraki API permissions where possible, and test write actions with --dry-run before allowing live remediation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The guide explicitly recommends exporting the master password into an environment variable for unattended use, but omits warnings about common exposure paths such as shell history, inherited process environments, CI job logs, and system inspection tools. Because this password unlocks the encrypted Meraki API key store, disclosure can lead to recovery of API credentials and unauthorized access to the Meraki organization.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.