box
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires installing the @membranehq/cli package, which is the official CLI tool provided by the vendor for managing integrations.
- [COMMAND_EXECUTION]: Utilizes the 'membrane' command-line interface to perform Box operations, handle authentication, and execute API requests.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests and processes data from external Box accounts. Ingestion points: File metadata, search results, and API responses from Box (SKILL.md). Boundary markers: No explicit delimiters or instructions to ignore embedded content are provided. Capability inventory: Execution of CLI commands via 'membrane action run' and 'membrane request' (SKILL.md). Sanitization: The skill does not describe any specific sanitization or escaping of data fetched from Box.
Audit Metadata