desktop-control

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/screen.py executes osascript via subprocess.run to retrieve frontmost application metadata, window titles, and the accessibility UI tree.
  • [COMMAND_EXECUTION]: The script scripts/keyboard.py executes the system pbcopy command to handle non-ASCII text input via the clipboard.
  • [COMMAND_EXECUTION]: All bundled scripts (mouse.py, keyboard.py, screen.py) contain logic to execute pip install for the pyautogui library if it is not present on the host system.
  • [EXTERNAL_DOWNLOADS]: The skill automatically fetches the pyautogui package from the Python Package Index (PyPI) at runtime if the dependency is missing.
  • [DATA_EXFILTRATION]: The scripts/screen.py utility allows the agent to take screenshots (capture action) and scrape the accessibility tree (read-ui action), exposing potentially sensitive data visible on the user's screen.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted UI data that could contain malicious instructions for the agent.
      • Ingestion points: scripts/screen.py reads active window titles, UI labels, and textual content from the accessibility tree.
      • Boundary markers: No delimiters or instructions are used to separate screen-scraped data from the agent's internal logic.
      • Capability inventory: The skill can simulate arbitrary mouse and keyboard events, write files (screenshots), and execute system commands via subprocess.
      • Sanitization: Content provided to the typing and clicking actions is used directly without sanitization or escaping of potentially malicious character sequences.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 1, 2026, 07:31 AM