On scap targets running debian bullseye:
netbox-dev2002:~$ /usr/bin/scap Traceback (most recent call last): File "/usr/bin/scap", line 39, in <module> from scap import cli ModuleNotFoundError: No module named 'scap'
/usr/bin/scap is a symlink to /var/lib/scap/scap/bin/scap indicating that this host has been properly configured and bootstrapped by puppet to be a scap target. (xref T303559)
/var/lib/scap/scap/bin/scap inserts /var/lib/scap/scap at the front of the python module search path. /var/lib/scap/lib/python3.7/site-packages/scap/ contains the module that we're attempting to import. However, bullseye targets run Python 3.9. The stuff ends up in the python3.7 directory because it is prepared on deploy1002 which runs buster.
We'll need a way to produce a tree with deps for 3.7 and 3.9 (or find a way to use one set for both). Hacking and testing are in order.