Skills
skills/dotnetage/mindx/screenshot/Gen Agent Trust Hub

screenshot

Pass

Audited by Gen Agent Trust Hub on Apr 11, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The script executes the native macOS screencapture utility to capture screen content. It also utilizes standard system utilities including jq for input parsing, date for timestamp generation, and sleep for the delay feature.- [PROMPT_INJECTION]: Indirect prompt injection surface analysis:
  • Ingestion points: User-provided parameters type, filename, and delay are processed from the agent's context in SKILL.md.
  • Boundary markers: No explicit boundary markers or "ignore instructions" delimiters are used for parameter interpolation.
  • Capability inventory: The skill has the capability to execute shell commands and write files to the local file system as defined in screenshot_cli.sh.
  • Sanitization: Input parameters are extracted via jq -r and are properly quoted within the shell script to prevent simple command injection attacks.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 11, 2026, 10:47 AM
Security Audit — agent-trust-hub — screenshot