Skills
skills/yanyang1116/skills/channel-screenshot-send/Gen Agent Trust Hub

channel-screenshot-send

Warn

Audited by Gen Agent Trust Hub on Mar 25, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [DATA_EXFILTRATION]: The skill captures full-screen visual data via the screencapture utility and transmits it to an external endpoint using the openclaw message send command. This facilitates the transfer of potentially sensitive desktop information to a remote channel.
  • [COMMAND_EXECUTION]: The skill executes shell commands to capture screen data, manage temporary files in /tmp, and interact with the openclaw CLI tool.
  • [COMMAND_EXECUTION]: The recommended command pattern interpolates variable context (e.g., <current-channel>, <current-target>) into a shell script. If these values are derived from untrusted user input and not strictly validated, it could lead to command injection.
  • [PROMPT_INJECTION]: The skill processes untrusted visual data (screen content) which represents an indirect prompt injection surface should the model attempt to interpret instructions contained within the image.
  • Ingestion points: Screen content is captured to a temporary file via /usr/sbin/screencapture (SKILL.md).
  • Boundary markers: None present; the skill lacks delimiters or instructions to ignore content within the captured media.
  • Capability inventory: Executes shell commands via screencapture and openclaw (SKILL.md).
  • Sanitization: No validation, OCR filtering, or content sanitization is performed on the captured image before transmission.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 25, 2026, 01:50 PM