netbox-administration
Pass
Audited by Gen Agent Trust Hub on Jun 23, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill requires the use of high-privilege system commands such as
sudo systemctlandpython manage.pyfor standard administration tasks like service restarts, database migrations, and index rebuilding. These operations are consistent with the skill's stated purpose of server management.\n- [EXTERNAL_DOWNLOADS]: Software updates are retrieved from the official NetBox community GitHub repository (github.com/netbox-community/netbox). This is a well-known and trusted source for the application being managed, following the trust rules for established open-source projects.\n- [SAFE]: The skill demonstrates high security awareness by explicitly documenting a known remote code execution (RCE) vulnerability (CVE-2026-29514) and providing guidance on remediation. It also correctly advises on secret management, including the use of peppers and environment variables.\n- [SAFE]: The skill presents an indirect prompt injection surface due to its interaction with server configuration and documentation. Ingestion points:configuration.py,local_requirements.txt, and remote documentation URLs. Boundary markers: None explicitly defined for untrusted configuration data. Capability inventory: Includessudo systemctl,python manage.py runscript, andpip installacrossSKILL.mdandupgrade-procedures.md. Sanitization: Not applicable as the skill focuses on authoritative server configuration management. The surface is assessed as safe given the administrative context and trusted source origins.
Audit Metadata