netbox-config-templates
Pass
Audited by Gen Agent Trust Hub on Jun 23, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill documents the NetBox configuration template system with a strong focus on security best practices.
- The documentation explicitly mentions the use of a
SandboxedEnvironmentfor Jinja2 rendering, which prevents file I/O and arbitrary imports. - It provides details on security allowlists (
JINJA_ENV_PARAMS_ALLOWEDandJINJA_ENVIRONMENT_PARAMS) implemented to mitigate RCE risks (CVE-2026-29514) and control access to environment variables via theenv()filter. - Code examples for API interaction use standard placeholder patterns for tokens (e.g., "nbt_abc123.xxxxxxxxxxxxxxxx") rather than hardcoding actual credentials.
- All external references and dependencies are directed toward official vendor resources (netboxlabs.com) or well-known community repositories (github.com/netbox-community/netbox).
Audit Metadata