netbox-administration

Pass

Audited by Gen Agent Trust Hub on Jun 23, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill requires the use of high-privilege system commands such as sudo systemctl and python manage.py for standard administration tasks like service restarts, database migrations, and index rebuilding. These operations are consistent with the skill's stated purpose of server management.\n- [EXTERNAL_DOWNLOADS]: Software updates are retrieved from the official NetBox community GitHub repository (github.com/netbox-community/netbox). This is a well-known and trusted source for the application being managed, following the trust rules for established open-source projects.\n- [SAFE]: The skill demonstrates high security awareness by explicitly documenting a known remote code execution (RCE) vulnerability (CVE-2026-29514) and providing guidance on remediation. It also correctly advises on secret management, including the use of peppers and environment variables.\n- [SAFE]: The skill presents an indirect prompt injection surface due to its interaction with server configuration and documentation. Ingestion points: configuration.py, local_requirements.txt, and remote documentation URLs. Boundary markers: None explicitly defined for untrusted configuration data. Capability inventory: Includes sudo systemctl, python manage.py runscript, and pip install across SKILL.md and upgrade-procedures.md. Sanitization: Not applicable as the skill focuses on authoritative server configuration management. The surface is assessed as safe given the administrative context and trusted source origins.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 23, 2026, 07:26 AM
Security Audit — agent-trust-hub — netbox-administration