netbox-ndx

Warn

Audited by Snyk on Jun 23, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.75). Runtime path: the skill’s required workflow calls the customer’s NetBox REST endpoints under /api/plugins/ndx/import-records/ and /api/plugins/ndx/enrichments/, which return nested enrichment objects including provenance_entries[].source and other free-text fields; these values originate from the NDX catalog (an external third party) and are ingested into the agent’s LLM context as readable JSON/prose.

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 23, 2026, 07:26 AM
Issues
1
Security Audit — snyk — netbox-ndx