This rule detects when a user shares an item on Box that is accessible externally through a shared link. The event is captured when an item is shared and the rule checks for the accessibility conditions qualified by any user possessing the link. The rule requires the Box SDK with JWT installed in the environment, indicating a need for proper configuration before it can function effectively. The impact of external sharing can lead to potential data exfiltration or sensitive data exposure. Thus, organizations should monitor this activity critically and manage permissions tightly. The rule has a medium severity to highlight its importance without being overly alarming. It is set to fire if the shared item can be accessed by anyone with the link, emphasizing a need for prompt investigations.