preview-shots
Pass
Audited by Gen Agent Trust Hub on Jul 2, 2026
Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands using open -a Preview to display curated sets of images in a single window.
- [COMMAND_EXECUTION]: The skill uses osascript -e to execute AppleScript commands for UI management, such as closing windows (tell application "Preview" to close every window) and quitting the application (quit app "Preview").
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface:
  - Ingestion points: The skill processes image files (PNG/GIF) and their associated file paths from the repository or user input (SKILL.md).
  - Boundary markers: No delimiters or instructions are provided to the agent to treat filenames or file paths as untrusted data.
  - Capability inventory: The agent has the capability to execute shell commands (open) and automation scripts (osascript).
  - Sanitization: The instructions do not specify validation or sanitization of file paths before they are passed to the shell, which could allow for command injection if filenames contain shell metacharacters.
Audit Metadata