peekaboo
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the
peekaboobinary from a third-party Homebrew tap (steipete/tap/peekaboo) as specified in the installation metadata. - [COMMAND_EXECUTION]: The skill executes a custom CLI tool to perform a wide range of system actions, including mouse clicks, keyboard input simulation, and window management. These operations require high-privilege system permissions (Accessibility and Screen Recording) on macOS.
- [DATA_EXFILTRATION]: The skill can access sensitive user data through commands that read the system clipboard (
clipboard) and capture images or metadata of the screen (image,see,capture). - [PROMPT_INJECTION]: The vision-based analysis features (
see --analyze,image --analyze) process screen content which may contain untrusted data. This creates a surface for indirect prompt injection if an attacker can display malicious instructions on the user's screen. - Ingestion points: UI maps and screenshots analyzed by vision models via the
--analyzeflag. - Boundary markers: None identified in the skill instructions to distinguish between application content and system commands.
- Capability inventory: Full UI interaction (clicking, typing), clipboard access, and file system writes for screenshots.
- Sanitization: None identified for visual content before analysis.
Audit Metadata