open-computer-use

Pass

Audited by Gen Agent Trust Hub on May 16, 2026

Risk Level: SAFE
Categories: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill operates by invoking the open-computer-use CLI utility to perform GUI automation tasks. This includes listing applications, retrieving UI element states, and performing mouse/keyboard actions. These operations are the primary function of the skill.
  • [EXTERNAL_DOWNLOADS]: Documentation guides the installation of the core tool via npm install -g open-computer-use and the addition of skills from the author's GitHub repository. These actions use standard package management tools and official registries.
  • [PROMPT_INJECTION]: The skill interacts with external data by ingesting application window states (e.g., via get_app_state), which represents a surface for indirect prompt injection. However, the skill includes explicit boundary markers and safety rules instructing the agent to avoid sensitive data like password managers and to seek user approval for high-stakes actions, such as financial transactions or data deletion.
Audit Metadata
Risk Level
SAFE
Analyzed
May 16, 2026, 09:37 AM
Security Audit — agent-trust-hub — open-computer-use