pyautogui-helper

Pass

Audited by Gen Agent Trust Hub on Jun 23, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The installation guide in SKILL.md recommends using sudo pip3 install to set up the necessary environment. Executing package managers with root privileges can potentially introduce security risks to the underlying host system if the packages or the environment are not strictly controlled.
  • [EXTERNAL_DOWNLOADS]: The skill requires several standard Python libraries for its core functionality, including pyautogui, opencv-python, pyperclip, pillow, and numpy. These are well-known and reputable packages used widely in the automation and computer vision communities.
  • [PROMPT_INJECTION]: The skill's primary utility script, scripts/pyautogui_utils.py, provides functions to capture and analyze screen data (capture_screen_opencv). This capability introduces an indirect prompt injection surface, where an agent acting on visual data from an untrusted UI could be manipulated by content displayed on the screen.
  • Ingestion points: capture_screen_opencv in scripts/pyautogui_utils.py captures raw image data from the user's screen.
  • Boundary markers: None present; the skill utilizes direct template matching on the raw pixel data.
  • Capability inventory: The utility script includes powerful interaction capabilities, including pyautogui.click, pyautogui.write, and pyautogui.hotkey in scripts/pyautogui_utils.py.
  • Sanitization: No validation or sanitization of the visual data is performed before it is processed by the matching algorithms.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 23, 2026, 04:46 PM
Security Audit — agent-trust-hub — pyautogui-helper