acontext-chatbot-integration

This integration doc describes legitimate SDK capabilities for building chatbots with per-session disk storage and sandboxed execution. The purpose and capabilities are broadly consistent. The primary security concerns are operational: sandboxed command execution combined with file write/export features create realistic data-exfiltration paths if the sandbox or backend are not hardened (network disabled, filesystem isolation, strict time/resource limits, access controls). Centralizing all messages and artifacts in the Acontext backend increases the blast radius if API keys or access controls are compromised. There are no obvious signs of embedded malware, obfuscated code, third-party download-and-execute instructions, or credential-harvesting endpoints in the document itself. Recommend: ensure sandbox isolation and least-privilege, enforce short-lived signed URLs and strict access checks for disk artifacts, rotate and protect ACONTEXT_API_KEY, and document sandbox/network/file access policies clearly before using this skill in production.