Peekaboo
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the peekaboo binary using the Homebrew package manager from a developer-maintained tap.
- [COMMAND_EXECUTION]: It invokes various system commands to perform UI interactions, manage window states, and launch or quit macOS applications.
- [DATA_EXFILTRATION]: The tool can read system clipboard contents and capture screen data, which are necessary for its automation features but involve sensitive user information.
- [PROMPT_INJECTION]: The skill's vision-based analysis features create a surface for indirect prompt injection, as the agent processes and may act upon text or instructions found within the captured UI content. 1. Ingestion points: UI data is ingested via the see and capture commands. 2. Boundary markers: No markers are present to distinguish UI content from agent instructions. 3. Capability inventory: The skill can execute complex UI interactions including clicking, typing, and opening applications. 4. Sanitization: No sanitization is performed on the captured UI data before analysis.
Audit Metadata