peekaboo
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION, DATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The skill relies on the `peekaboo` CLI to perform UI automation tasks such as simulated typing, clicking, and managing applications. These actions require the user to grant Screen Recording and Accessibility permissions to the environment.
- [EXTERNAL_DOWNLOADS]: The skill's installation process utilizes Homebrew to fetch the `peekaboo` formula from a third-party tap (steipete/tap/peekaboo), which involves fetching and executing code from an external repository.
- [DATA_EXFILTRATION]: The tool has the capability to access sensitive user data through its ability to capture screenshots, record the screen, and read the system clipboard. While these are necessary for its automation features, they represent access to potentially sensitive information.
- [PROMPT_INJECTION]: The `see` and `image` commands support an `--analyze` flag, which creates a surface for indirect prompt injection if the agent interprets instructions visible on the user's screen during automation. (Ingestion points: Screen analysis output via `see`/`image` in SKILL.md; Boundary markers: Absent; Capability inventory: click, type, press, app, clipboard in SKILL.md; Sanitization: Absent).
Audit Metadata