sbox
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill performs legitimate documentation retrieval from the author's infrastructure (sdocs.suiram.dev) to assist with S&Box game development tasks. No unauthorized data access, credential exposure, or command execution patterns were found.
- [EXTERNAL_DOWNLOADS]: The skill makes network requests to
https://sdocs.suiram.devfor search and API metadata. This domain is recognized as a vendor-owned resource belonging to the author 'suiramdev'. - [PROMPT_INJECTION]: The skill retrieves data from external APIs to inform agent responses, which is a standard retrieval-augmented generation (RAG) pattern. While this introduces a surface for indirect prompt injection, the source is the vendor's own domain and the skill lacks any high-risk capabilities (like file writing or command execution) that could be exploited via such an injection. Ingestion points: API responses from sdocs.suiram.dev. Boundary markers: Not present. Capability inventory: None. Sanitization: Not specified.
Audit Metadata