netbox-custom-scripts
Pass
Audited by Gen Agent Trust Hub on Jun 23, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides a shell command for environment verification using
curl. This command interacts with the NetBox API using the$NETBOX_TOKENenvironment variable and formats the output withpython -m json.tool. - [PROMPT_INJECTION]: The documentation identifies a surface for indirect prompt injection where custom scripts process untrusted data (e.g., through
FileVarfor file uploads) and perform database operations. - Ingestion points: Ingestion of untrusted data through
FileVarinSKILL.mdandreferences/script-variables.md(e.g.,data['csv_file'].read()). - Boundary markers: No specific delimiters or boundary markers are suggested for processing external data.
- Capability inventory: The skill documents full Django ORM access, enabling scripts to create, update, and delete objects within the NetBox database as seen in
references/orm-patterns.md. - Sanitization: The skill mitigates risks by instructing developers to always call
full_clean()before saving objects to ensure model-level validation.
Audit Metadata