desktop-app-flows
Warn
Audited by Gen Agent Trust Hub on Mar 23, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONDATA_EXFILTRATIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: Uses the
agent-swiftCLI to perform UI interactions such as clicking, typing, and scrolling through the macOS Accessibility API. - [COMMAND_EXECUTION]: Instructs the agent to use
sudo launchctl asuserto execute automation tasks within a specific user's graphical session, involving privilege escalation patterns. - [DATA_EXFILTRATION]: Provides capabilities to capture full-window screenshots (
agent-swift screenshot) and accessibility tree snapshots (agent-swift snapshot --json), which can expose sensitive user information displayed within the application. - [EXTERNAL_DOWNLOADS]: Contains links to external user journey reports and run evidence hosted on the
flow-walker.beastoin.workers.devdomain.
Audit Metadata