databox
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
@membranehq/clipackage from the public npm registry. This is a standard installation for the vendor's platform tools. - [COMMAND_EXECUTION]: The skill uses the
membranecommand-line tool to perform operations such as logging in, connecting to Databox, and running actions. These commands are part of the intended functionality for the Databox integration. - [DYNAMIC_EXECUTION]: The skill includes a feature to create new actions dynamically using
membrane action create. This allows the platform to generate integration logic based on a natural language description, which is a core feature of the Membrane platform. - [INDIRECT_PROMPT_INJECTION]: The skill processes data returned from Databox metrics and dashboards. This creates a surface where malicious content stored within the external Databox account could potentially influence the agent's behavior.
- Ingestion points: Data enters the agent context through the output of
membrane action runcommands. - Boundary markers: None detected in the provided instructions.
- Capability inventory: The skill can execute commands via the Membrane CLI, create new actions, and manage connections.
- Sanitization: No explicit sanitization or filtering of the external data is described in the skill instructions.
Audit Metadata