Skills
skills/bahayonghang/my-claude-code-settings/screenshot/Gen Agent Trust Hub

screenshot

Pass

Audited by Gen Agent Trust Hub on Apr 15, 2026

Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes various OS-level commands and scripts to perform screen capture. In scripts/take_screenshot.py, subprocess.run is used to call screencapture on macOS, and scrot, gnome-screenshot, or import on Linux. It also uses osascript on macOS to manage application windows.
  • [DATA_EXFILTRATION]: The skill accesses sensitive information by capturing screenshots of the desktop and specific windows. Captured images are saved to local paths or system temporary directories. Although the skill does not exfiltrate data over the network, the access to raw screen content constitutes significant data exposure.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it ingests untrusted visual data from the screen.
  • Ingestion points: Screen content is captured as image data via scripts/take_screenshot.py and scripts/take_screenshot.ps1.
  • Boundary markers: No boundary markers or instructions are present to isolate potentially malicious commands within the captured visual data.
  • Capability inventory: The skill possesses capabilities for command execution and local file writing across its scripts (e.g., subprocess.run in Python and $bitmap.Save in PowerShell).
  • Sanitization: No pre-processing or sanitization of the screen content is performed to mitigate potential instruction injection within the captured images.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 15, 2026, 10:17 AM