skills/apideck-libraries/api-skills/dropbox/Snyk

dropbox

Warn

Audited by Snyk on May 12, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 0.80). This skill explicitly reads and downloads user-generated content from Dropbox via Apideck's File Storage API (see SKILL.md examples like files.list and "Download file content" / Proxy to Dropbox), so untrusted third-party file contents could be ingested and influence agent behavior.

Issues (1)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level

MEDIUM

Analyzed

May 12, 2026, 07:00 PM

Issues

1

Security Audit — snyk — dropbox