automateyournetwork/prisma-sdwan-apps
workspace/skills/prisma-sdwan-apps/SKILL.md
View Prisma SD-WAN application definitions for policy visibility
$ install --global
skillsauthnpx skillsauth add automateyournetwork/netclaw prisma-sdwan-appsInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 20, 2026, 3:29 AM4.3s1 file scanned
SKILL.md
- name:
- prisma-sdwan-apps
- description:
- View Prisma SD-WAN application definitions for policy visibility
- license:
- Apache-2.0
- user-invocable:
- true
- bins:
- ["python3"]
- env:
- ["PAN_CLIENT_ID", "PAN_CLIENT_SECRET", "PAN_TSG_ID"]
Prisma SD-WAN Application Visibility
View application definitions in your Palo Alto Networks Prisma SD-WAN fabric. Understand which applications are defined for policy enforcement, their categories, and risk levels.
When to Use
- Listing all application definitions in the fabric
- Finding applications by name or category
- Understanding application risk classifications
- Reviewing SaaS vs on-premise application types
- Auditing application categories for policy decisions
MCP Server
- Server:
prisma-sdwan-mcp(community MCP from iamdheerajdubey) - Command:
python3 -u mcp-servers/prisma-sdwan-mcp/src/prisma_sdwan_mcp/server.py(stdio transport) - Auth: OAuth2 via
PAN_CLIENT_ID,PAN_CLIENT_SECRET,PAN_TSG_ID - Region:
PAN_REGION(americas or europe, default: americas)
Available Tools
| Tool | Parameters | What It Does |
|------|------------|--------------|
| get_app_defs | None | List all application definitions with categories and risk |
Workflow Examples
Application Discovery
# List all applications
"Show me all SD-WAN application definitions"
# Find specific application
"Is Office 365 defined as an application?"
# List by category
"What business applications are defined?"
Risk Analysis
# Find high-risk applications
"Which applications are classified as high risk?"
# Review SaaS applications
"List all SaaS application definitions"
Policy Planning
# Understand categories
"What application categories are available for policies?"
# Review productivity apps
"Show me all productivity category applications"
Integration with Other Skills
- prisma-sdwan-config: View policies that reference these applications
- prisma-sdwan-topology: Understand where policies are applied
- prisma-sdwan-status: Check if app-based policies are working
Response Examples
Application Definitions Response
{
"applications": [
{
"id": "app001",
"name": "office365",
"display_name": "Microsoft Office 365",
"category": "business",
"subcategory": "productivity",
"risk": "low",
"app_type": "saas"
},
{
"id": "app002",
"name": "zoom",
"display_name": "Zoom Video Communications",
"category": "business",
"subcategory": "conferencing",
"risk": "low",
"app_type": "saas"
}
],
"total_count": 250
}
Error Handling
| Error Code | Meaning | Resolution | |------------|---------|------------| | AUTH_FAILED | OAuth2 authentication failed | Verify PAN_CLIENT_ID, PAN_CLIENT_SECRET, PAN_TSG_ID | | RATE_LIMITED | API rate limit exceeded | Wait and retry |
Notes
- Read-only operations - no ServiceNow CR gating required
- Application definitions are fabric-wide (not per-site)
- Risk levels: low, medium, high
- App types: saas, on-premise, custom
- All operations logged to GAIT audit trail
Related Skills
automateyournetwork/humanrail-escalation
testing
VerifiedTrustedCommunity
Human-in-the-loop escalation via HumanRail — route low-confidence agent decisions, pre-destructive operation approvals, and ambiguous incident tickets to real human engineers. Human answers are verified and returned as structured output. Workers are paid via Lightning Network. Use when the agent is uncertain, when a destructive change needs explicit human sign-off beyond a ServiceNow CR, or when an ambiguous ticket requires human triage before automated handling.
491SKILL.mdUpdated May 12, 2026
automateyournetwork/eve-ng-node-operations
testing
VerifiedTrustedCommunity
Manage EVE-NG node lifecycle. Use when listing nodes, checking runtime state, creating or deleting nodes, starting or stopping nodes or whole labs, verifying node details, or wiping node NVRAM back to factory defaults.
491SKILL.mdUpdated May 12, 2026
automateyournetwork/eve-ng-lab-management
development
VerifiedTrustedCommunity
Manage EVE-NG labs and platform inventory. Use when listing labs, checking lab metadata, creating or deleting labs, importing or exporting lab archives, checking EVE-NG health or auth, or verifying available node images before build work.
491SKILL.mdUpdated May 12, 2026
automateyournetwork/eve-ng-console-ops
tools
VerifiedTrustedCommunity
Execute live CLI commands on running EVE-NG nodes over telnet console. Use when running show commands, making live config changes, verifying protocol state, testing connectivity, checking console readiness, or interacting with IOS, Junos, VPCS, EOS, or NX-OS nodes.
491SKILL.mdUpdated May 12, 2026