It would be great to have some kind of indicator for which ports are protected via MACSEC… like a lock icon or something next to port description.
It looks like the relevant data comes from the CISCO-TRUSTSEC-INTERFACE-MIB mib.
18.104.22.168.22.214.171.124.7126.96.36.199.1.2. ctsiIfConfiguredMode returns 4 if the port is configured.
188.8.131.52.184.108.40.206.7220.127.116.11.1.8 ctsiIfSapNegotiationStatus returns a 4 for negotiation success.
You could have something like a configured port indicated as an open lock in red if the port is configured but with unsuccessful negotiation and flip it to a green closed lock if neg is successful.