Skills
skills/steipete/agent-scripts/peekaboo/Gen Agent Trust Hub

peekaboo

Pass

Audited by Gen Agent Trust Hub on May 11, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a local binary peekaboo to perform high-privilege GUI automation tasks. This includes listing active applications and windows, simulating mouse clicks, and performing text entry.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests untrusted data from the operating system's UI elements.
  • Ingestion points: UI element labels and screen content retrieved via see --json --annotate and image commands (SKILL.md).
  • Boundary markers: The instructions do not define clear boundaries or delimiters to differentiate between the agent's instructions and the content being read from the screen.
  • Capability inventory: The tool possesses the ability to perform shell-based GUI manipulation (click, type) and file system access for saving screenshots (SKILL.md).
  • Sanitization: There is no evidence of sanitization or validation of the UI text before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
May 11, 2026, 06:37 AM