computer-use-agents
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): Instructions are focused on enforcing safety boundaries and grounding responses in security reference files to ensure the agent adheres to restricted protocols.
- [Privilege Escalation] (SAFE): Validations specifically target and prevent root execution and excessive container capabilities, promoting the use of non-root users.
- [Indirect Prompt Injection] (LOW): The skill describes vision-based computer control, which is an inherent vector for indirect injection. Evidence Chain: (1) Ingestion points: Screen and GUI data viewing (SKILL.md). (2) Boundary markers: Encourages user confirmation gates for sensitive actions (validations.md). (3) Capability inventory: Clicking, typing, and GUI automation (SKILL.md). (4) Sanitization: Includes a validation rule for blocking dangerous bash commands (validations.md).
- [Command Execution] (SAFE): The validations explicitly include rules to block unvalidated shell execution and dangerous bash commands.
Audit Metadata