netbox-reconcile
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a potential surface for indirect prompt injection due to its handling of external data.
  - Ingestion points: Untrusted data enters the agent context from network devices via pyATS commands and from NetBox object queries as described in SKILL.md.
  - Boundary markers: The reconciliation workflow lacks explicit delimiters or markers to distinguish between system instructions and the data being processed from devices.
  - Capability inventory: The skill has the ability to execute multiple automation scripts through the $MCP_CALL pattern and interact with external systems like ServiceNow.
  - Sanitization: There is no evidence of data sanitization or validation logic applied to external device content before it is interpolated into generated reconciliation reports or ServiceNow incident descriptions.
Audit Metadata