adobe-automator

The package implements a legitimate automation capability that intentionally executes arbitrary ExtendScript in Adobe desktop applications. That capability grants scripts full access to the host filesystem, application data, and via OS bridging, potential system-level effects. The provided fragment contains no obfuscated code, hardcoded credentials, or direct network callouts — no evidence of embedded malware. However, because untrusted script execution provides straightforward paths for data exfiltration, destructive file operations, or escalation via OS bridges, this skill is high-risk by design and unsuitable for automated, unreviewed use without strong mitigations (manual review, signed/allowlisted scripts, runtime restrictions, or removal of runScript from agent permissions).

No direct indicators of packaged malware in this file—there is no obfuscation, hard-coded remote host, credential harvesting, or process spawning of shells beyond using cscript/osascript to invoke Adobe hosts. However, the code intentionally accepts and executes arbitrary ExtendScript in installed Adobe applications without validation or sandboxing. That makes it high-risk when run in contexts where the 'script' or 'app' parameters can be influenced by untrusted parties. In short: functional automation utility with significant abuse potential (remote/third-party callers could achieve arbitrary actions and data access through Adobe automation). Use only with trusted inputs and consider adding sanitization, authentication, and safer temp-file handling.