dropbox-automation
Pass
Audited by Gen Agent Trust Hub on Apr 25, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface due to its core functionality of reading external file contents.
- Ingestion points: The agent ingests untrusted data through the
DROPBOX_READ_FILEtool and file search metadata. - Boundary markers: There are no explicit instructions or delimiters defined to prevent the agent from following instructions embedded within the Dropbox files it processes.
- Capability inventory: The skill has access to impactful tools including
DROPBOX_DELETE_FILE_OR_FOLDER,DROPBOX_UPLOAD_FILE, andDROPBOX_CREATE_SHARED_LINKacross all documented workflows. - Sanitization: No sanitization or validation logic is specified for data retrieved from the remote storage before it is added to the agent's context.
- [SAFE]: The skill describes a standard integration with a third-party MCP server (Rube MCP) to provide cloud storage automation. All external references are directly related to the skill's stated purpose of Dropbox automation.
Audit Metadata