netbox-assurance

Warn

Audited by Snyk on Jun 23, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.75). Assurance deviations and field-level before/after change details are produced from runtime-ingested “actual network state” coming from configured data sources (e.g., Discovery agents/controllers/Diode SDK), and those deviation texts are then presented in the NetBox Assurance UI and thus become LLM-readable context for the agent; this is outsider-authored content because it originates from external network/controller data rather than the operating user’s own authored prompts/files.

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 23, 2026, 07:26 AM
Issues
1
Security Audit — snyk — netbox-assurance