Box Automation

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent Box automation guide, but it can affect real Box files and sharing settings through a connected account.

Install only if you are comfortable connecting Box through Rube/Composio. Use the least-privileged Box account that fits your needs, verify file and folder IDs before changes, prefer trash over permanent deletion, and require explicit confirmation before recursive deletes, permanent deletes, downloads of sensitive material, or sharing changes.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Missing User Warnings

Medium

Confidence: 83% confidence
Finding: The skill documents destructive operations such as folder deletion and permanent removal without requiring or even recommending explicit user confirmation, preview of affected items, or safety checks. In an automation context tied to real Box data, this increases the risk of accidental or socially engineered destructive actions causing data loss.

Missing User Warnings

Medium

Confidence: 86% confidence
Finding: The skill enables upload, download, and sharing of Box content but provides no privacy or data-handling guardrails, such as checking whether content is sensitive, confirming intended recipients, or warning about local persistence and exfiltration risks. Because Box commonly stores business-sensitive documents, omission of these safeguards makes misuse or accidental disclosure more likely.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal