macos-screenshot
Pass
Audited by Gen Agent Trust Hub on Apr 25, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a shell command to create a directory and invoke the macOS native
screencaptureutility. The command includes the-xflag to disable sound during the capture process. - [PROMPT_INJECTION]: Vulnerability surface for indirect prompt injection detected:
- Ingestion points: Data captured from the user's screen through the
screencapturecommand. - Boundary markers: Absent; the skill does not specify any delimiters to separate screen text from system instructions.
- Capability inventory: Shell command execution (
mkdir,screencapture) and local file system write access. - Sanitization: Absent; no content validation or filtering is performed on the captured screen data before it is processed by the agent.
Audit Metadata