Skills
skills/aloth/powerskills/powerskills-desktop/Gen Agent Trust Hub

powerskills-desktop

Warn

Audited by Gen Agent Trust Hub on May 11, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The launch action in desktop.ps1 uses the Start-Process cmdlet to execute any application with arbitrary arguments provided via the --app and --app-args parameters.
  • [COMMAND_EXECUTION]: The keys action utilizes [System.Windows.Forms.SendKeys] to send arbitrary keyboard input to the system. This allows for the execution of commands within terminals or interaction with sensitive UI elements (like configuration menus or password fields) if they are in focus.
  • [DATA_EXFILTRATION]: The screenshot action captures visual data from the primary monitor or specific windows and saves it to a file. This capability can be used to capture sensitive information displayed on the screen.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection. If the agent reads a malicious file or website and subsequently uses that data to populate the --keys or --app-args parameters, it could lead to unauthorized command execution.
  • Ingestion points: Data provided to the --keys, --app, and --app-args parameters (processed in desktop.ps1).
  • Boundary markers: None identified; parameters are passed directly to system execution functions.
  • Capability inventory: File system writes (screenshot), process execution (launch), and UI interaction (keys).
  • Sanitization: No validation or escaping is performed on the input strings before they are passed to Start-Process or SendKeys.
  • [DYNAMIC_EXECUTION]: The script uses Add-Type to compile C# code at runtime to interface with Win32 APIs (user32.dll) for window enumeration and manipulation.
Audit Metadata
Risk Level
MEDIUM
Analyzed
May 11, 2026, 04:00 AM