base44-sandbox
Pass
Audited by Gen Agent Trust Hub on Jun 30, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill provides instructions for running commands (e.g.,
npm run build,npx tsc) within a cloud sandbox environment usingrun_commandorsandbox run. This functionality is the intended primary purpose of the skill for verification and development within the vendor's infrastructure. - [EXTERNAL_DOWNLOADS]: The skill references documentation and configuration resources from the vendor's official domain (
base44.com). These references are used for onboarding and technical reference. - Evidence:
https://app.base44.com/api/sandbox/<APP_ID>/local-agent/readme.md - [PROMPT_INJECTION]: The skill describes a workflow that involves reading and processing code files from a remote environment, which constitutes an attack surface for indirect prompt injection. This is a characteristic of development-oriented skills.
- Ingestion points: Instructions to read existing project files via
read_fileorsandbox read(SKILL.md). - Boundary markers: No specific delimiters or instructions for separating untrusted code from instructions are provided in the documentation.
- Capability inventory: The skill utilizes powerful tools such as
write_fileandrun_command(SKILL.md). - Sanitization: No content sanitization or validation mechanisms are mentioned before the agent processes external files.
Audit Metadata