dropbox-automation
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill directs the user to register an external MCP server at https://rube.app/mcp. This domain is not part of the trusted vendors list.
- [PROMPT_INJECTION]: The skill displays an indirect prompt injection surface as it processes untrusted file content from Dropbox.
  - Ingestion points: Untrusted file content and metadata are retrieved through DROPBOX_READ_FILE and DROPBOX_SEARCH_FILE_OR_FOLDER (SKILL.md).
  - Boundary markers: The instructions do not specify any delimiters or warnings to ignore commands that may be embedded in the files being read.
  - Capability inventory: The toolkit includes sensitive capabilities such as deleting files (DROPBOX_DELETE_FILE_OR_FOLDER), moving files (DROPBOX_MOVE_FILE_OR_FOLDER), and creating public sharing links (DROPBOX_CREATE_SHARED_LINK).
  - Sanitization: There is no evidence of sanitization, validation, or escaping of the content retrieved from Dropbox before it is processed by the agent.
Audit Metadata