unbox
Warn
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill recommends installing the
@membranehq/clipackage globally using npm. This is a standard requirement for the Membrane platform. - [COMMAND_EXECUTION]: Executes several
membraneCLI commands for authentication, connection establishment, and action execution. - [METADATA_POISONING]: The skill includes a documentation link to Apple's ARKit documentation (
developer.apple.com/documentation/arkit), which is unrelated to the Unbox subscription platform described. This constitutes misleading metadata. - [INDIRECT_PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection by processing external data. 1. Ingestion points: Data retrieved from Unbox connections via CLI commands. 2. Boundary markers: Not present in the instructions. 3. Capability inventory: The skill can execute commands and run actions through the Membrane CLI. 4. Sanitization: No sanitization or validation of external input is described.
Audit Metadata