box-automation
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill references 'https://rube.app/mcp' as its tool provider. This is the intended functional architecture for the Box automation suite.
- [PROMPT_INJECTION]: The skill maintains an indirect prompt injection surface by processing external data from Box. 1. Ingestion points: 'SKILL.md' (via search and listing tools). 2. Boundary markers: Absent. 3. Capability inventory: Full file and folder management including uploads, downloads, and sharing. 4. Sanitization: No explicit sanitization of external metadata is described.
Audit Metadata