bigbox
Warn
Audited by Gen Agent Trust Hub on May 3, 2026
Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides instructions for the agent to run multiple shell commands using the membrane CLI, including installation, login, and action execution.
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of a global Node.js package (@membranehq/cli) from the public NPM registry. This package is part of the vendor's official toolset.
- [PROMPT_INJECTION]: The skill contains contradictory and deceptive metadata. It describes its purpose as file storage ('BigBox'), yet points to 'Best Buy' developer documentation and lists 'Home Depot' actions in its examples. This metadata poisoning can lead to unpredictable behavior or hallucinations as the agent reconciles these conflicting identities during a task.
Audit Metadata