pp-agent-capture

Pass

Audited by Gen Agent Trust Hub on May 25, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill requires installing the agent-capture-pp-cli binary using npx -y @mvanhorn/printing-press or go install. These packages are hosted under the author's namespace on NPM and GitHub.
  • [COMMAND_EXECUTION]: The agent is instructed to execute various shell commands using the installed CLI to interact with macOS screen capture APIs, including screenshot, record, and vhs.
  • [PROMPT_INJECTION]: The ocr command extracts text from desktop windows and ingests it into the agent's context, creating an indirect prompt injection surface. Ingestion points: OCR text extracted from windows in SKILL.md. Boundary markers: None present. Capability inventory: Access to the host shell via the agent-capture-pp-cli tool. Sanitization: No sanitization or validation of the extracted text is performed.
Audit Metadata
Risk Level
SAFE
Analyzed
May 25, 2026, 02:32 AM
Security Audit — agent-trust-hub — pp-agent-capture