Skills
skills/vm0-ai/vm0-skills/dropbox/Gen Agent Trust Hub

dropbox

Pass

Audited by Gen Agent Trust Hub on Apr 17, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: Uses the curl utility to perform operations such as listing folders, uploading/downloading files, and managing account settings. This is standard behavior for an API integration skill.
  • [EXTERNAL_DOWNLOADS]: Communicates with official Dropbox endpoints (api.dropboxapi.com and content.dropboxapi.com) to manage and transfer data. These are well-known, legitimate services.
  • [DATA_EXFILTRATION]: Includes commands for creating shared links and adding folder members. These features facilitate sharing data with external entities but are core functionalities of the Dropbox platform and aligned with the skill's stated purpose.
  • [REMOTE_CODE_EXECUTION]: Documents the save_url endpoint, which allows the user to trigger a download from a remote URL into their Dropbox account. While this involves fetching external data, it is a documented feature of the Dropbox API.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 17, 2026, 04:43 PM