skills/base44/skills/base44-sandbox/Gen Agent Trust Hub

base44-sandbox

Pass

Audited by Gen Agent Trust Hub on Jun 30, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides instructions for running commands (e.g., npm run build, npx tsc) within a cloud sandbox environment using run_command or sandbox run. This functionality is the intended primary purpose of the skill for verification and development within the vendor's infrastructure.
  • [EXTERNAL_DOWNLOADS]: The skill references documentation and configuration resources from the vendor's official domain (base44.com). These references are used for onboarding and technical reference.
  • Evidence: https://app.base44.com/api/sandbox/<APP_ID>/local-agent/readme.md
  • [PROMPT_INJECTION]: The skill describes a workflow that involves reading and processing code files from a remote environment, which constitutes an attack surface for indirect prompt injection. This is a characteristic of development-oriented skills.
  • Ingestion points: Instructions to read existing project files via read_file or sandbox read (SKILL.md).
  • Boundary markers: No specific delimiters or instructions for separating untrusted code from instructions are provided in the documentation.
  • Capability inventory: The skill utilizes powerful tools such as write_file and run_command (SKILL.md).
  • Sanitization: No content sanitization or validation mechanisms are mentioned before the agent processes external files.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 30, 2026, 01:18 PM
Security Audit — agent-trust-hub — base44-sandbox