Because of limited availability, the NDX contracts have not been audited by an established security firm; however, the core contracts have been audited by two independent security experts: Daniel Luca, a former auditor for Consensys diligence, and Mudit Gupta, previously the lead blockchain engineer at Polymath.
It is important for users to understand that the NDX governance organization has the ability to change the proxy implementation for most core contracts in the Indexed protocol. All governance transactions are subject to a two day time lock, so careful users should monitor proposals submitted to the governor contract.
This project is still in beta and we advise caution - please do not put more into our contracts than you are prepared to lose if a vulnerability is found and exploited. The project is less than a year old and has not received extensive scrutiny an auditing firm specialising in smart contracts.