From ed1b8bc88d3b6be6b02eb617d71e2ec7c5dfe7a8 Mon Sep 17 00:00:00 2001 From: Arthur Hanson Date: Thu, 5 Sep 2024 09:22:14 -0700 Subject: [PATCH] 16349 add warning to custom script docs --- docs/customization/custom-scripts.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/docs/customization/custom-scripts.md b/docs/customization/custom-scripts.md index e6f6bb85f04..3fa6491d231 100644 --- a/docs/customization/custom-scripts.md +++ b/docs/customization/custom-scripts.md @@ -17,6 +17,9 @@ They can also be used as a mechanism for validating the integrity of data within Custom scripts are Python code which exists outside the NetBox code base, so they can be updated and changed without interfering with the core NetBox installation. And because they're completely custom, there is no inherent limitation on what a script can accomplish. +!!! danger "Only install trusted scripts" + Custom scripts have unrestricted access to change anything in the databse and are inherently unsafe and should only be installed and run from trusted sources. You should also review and set permissions for who can run scripts if the script can modify any data. + ## Writing Custom Scripts All custom scripts must inherit from the `extras.scripts.Script` base class. This class provides the functionality necessary to generate forms and log activity.