screenshot
Pass
Audited by Gen Agent Trust Hub on May 6, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill relies on several system-level utilities (
screencapture,scrot,gnome-screenshot,import,osascript,swift, anddefaults) to perform its core tasks. These commands are executed via standard subprocess calls across all supported platforms. - [COMMAND_EXECUTION]: In
scripts/take_screenshot.py, theactivate_appfunction uses string interpolation to build an AppleScript command forosascript. While it includes a sanitization step (escaping double quotes), this is an entry point where application names could influence script execution. - [COMMAND_EXECUTION]: The Windows helper
scripts/take_screenshot.ps1uses theAdd-Typecmdlet to compile C# code at runtime. This code interfaces with the Windows API (user32.dll) to determine window bounds and focus, which is a common and legitimate pattern for advanced PowerShell automation. - [COMMAND_EXECUTION]: The PowerShell script instructions recommend the use of the
-ExecutionPolicy Bypassflag to ensure the script runs regardless of the local environment's restrictive execution policies. - [SAFE]: All external calls and tool usage are strictly limited to the stated purpose of capturing and saving screenshots. The skill does not perform any network operations, and its file access is limited to standard user directories (Desktop, Pictures, Temp) as per user or agent request.
Audit Metadata