Skills
skills/spencerpauly/awesome-cursor-skills/screenshotting-changelog/Gen Agent Trust Hub

screenshotting-changelog

Pass

Audited by Gen Agent Trust Hub on Apr 12, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses local shell commands git stash and git stash pop to manage branch states. These are standard development operations used to switch between 'before' and 'after' states of a codebase.
  • [INDIRECT_PROMPT_INJECTION]: The skill ingests data from a browser (browser_navigate) which then processes the content of the page for screenshotting and description.
  • Ingestion points: The browser_navigate tool is instructed to visit http://localhost:3000/affected-page (SKILL.md).
  • Boundary markers: Absent; there are no specific instructions to the agent to ignore potentially malicious text within the browser's rendered content.
  • Capability inventory: The skill has access to shell commands (git) and workspace file writing (saving screenshots).
  • Sanitization: Absent; the visual content is passed directly to the agent's vision/context.
  • Contextual Risk: The risk is assessed as safe because the tool is explicitly designed for a developer to use on their own local development server, meaning the content being 'ingested' is the developer's own code.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 12, 2026, 09:43 PM