netsuite-ai-connector-guardrails

Fail

Audited by Snyk on Mar 27, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E004: Prompt injection detected in skill instructions.

  • Potential prompt injection detected (high risk: 1.00). The skill includes explicit instructions to "Show your reasoning throughout the process" and "Execute immediately" / "Apply every rule ... no exceptions," which attempt to force disclosure of internal chain-of-thought and override higher-level system constraints—behavior that is outside the stated purpose of providing tool-selection and safety guardrails and therefore constitutes a prompt injection.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). This skill is explicitly a NetSuite connector designed for financial operations. It defines and mandates use of ns_createRecord and ns_updateRecord (with explicit guards) and enumerates transaction record types including Customer Payment (custpymt), Bank Deposit (deposit), Bank Transfer (transfer), Vendor Bill / Bill Payment flows, and other finance transactions. The tool selection and hard rules are specifically oriented to creating/updating financial transaction records (not generic browsing or generic API calls). Because it directly supports creating/updating payment and bank transaction records within NetSuite, it grants direct financial execution capability.

Issues (2)

E004
CRITICAL

Prompt injection detected in skill instructions.

W009
MEDIUM

Direct money access capability detected (payment gateways, crypto, banking).

Audit Metadata
Risk Level
CRITICAL
Analyzed
Mar 27, 2026, 06:04 PM
Issues
2
Security Audit — snyk — netsuite-ai-connector-guardrails