screenshot-analyzer
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- Indirect Prompt Injection (LOW): The skill is susceptible to indirect prompt injection through its multi-agent orchestration.
- Ingestion points: User-provided screenshots are read in Phase 1 and their analysis results are interpolated into the synthesis prompt in Phase 3.
- Boundary markers: There are no delimiters or protective instructions in the Agent 4 (synthesizer) prompt to differentiate between instructions and the data being processed.
- Capability inventory: The skill has the capability to write files to the local 'docs/plans/' directory.
- Sanitization: The skill does not perform any sanitization or validation on the text extracted from input screenshots.
Audit Metadata