mobile-screenshots

Pass

Audited by Gen Agent Trust Hub on Jul 11, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by ingesting and interacting with untrusted external data. \n
  • Ingestion points: The skill installs local APK files into Android emulators (references/android.md) and references the execution of Maestro automation flows (references/ios.md, references/android.md). \n
  • Boundary markers: There are no explicit delimiters or instructions to ignore potential commands embedded within the application binaries or UI automation scripts. \n
  • Capability inventory: The skill uses high-privilege developer tools to execute shell commands (adb, xcrun), perform file system operations (writing screenshots), and trigger network uploads via the gplay and asc tools. \n
  • Sanitization: No validation or sanitization is performed on the externally provided APKs or automation YAML files before processing. \n- [COMMAND_EXECUTION]: The skill uses various command-line tools to interact with system components and external services. \n
  • The instructions use adb and xcrun simctl to manipulate mobile emulators and simulators. \n
  • It utilizes gplay and asc CLI tools for uploading assets to Google Play and the App Store Connect respectively. \n
  • It employs ImageMagick and sips for image processing tasks.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 11, 2026, 04:13 AM
Security Audit — agent-trust-hub — mobile-screenshots