computer-use
Pass
Audited by Gen Agent Trust Hub on May 13, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the orca CLI to perform desktop automation tasks such as listing apps, reading UI trees, clicking, and typing. These operations are the primary purpose of the skill.
- [DATA_EXFILTRATION]: The skill accesses local application state, including accessibility trees and screenshots. This creates a surface for potential exposure of sensitive information if an agent inspects private documents or applications. The instructions mitigate this by advising the agent to only read requested content and avoid unnecessary logs or screenshots.
- [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted data from the user's desktop environment (app UI text and visuals). This is a known attack surface where malicious content in an application could attempt to influence the agent's behavior. The skill mitigates this through a "Safety Checks" section that requires explicit user permission for high-risk actions like submitting forms, purchasing, or changing settings.
Audit Metadata