desktop-automation

Warn

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The run_script function in run.py accepts an unvalidated script string and executes it directly using the osascript command via subprocess.run. This provides an interface for executing arbitrary AppleScript code on the host system.
  • [COMMAND_EXECUTION]: The open_app function in run.py performs string interpolation of the app argument into an AppleScript template (f'tell application "{app}" to activate'). This is vulnerable to injection if the input contains characters that break out of the quoted string, such as double quotes.
  • [COMMAND_EXECUTION]: The skill provides the agent with the capability to manipulate any accessible application on the macOS desktop, which could lead to unauthorized data access or system changes if the agent's input is compromised.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 12, 2026, 04:29 PM