flutter-control-and-screenshot
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONNO_CODE
Full Analysis
- Indirect Prompt Injection (LOW): The skill instructs the agent to ingest and act upon data from an external application (logs and widget trees), which could be manipulated to provide malicious instructions if the target application is compromised. \n
- Ingestion points:
mcp_dart-mcp-server_get_app_logsandmcp_dart-mcp-server_get_widget_tree.\n - Boundary markers: None specified in the instructions.\n
- Capability inventory: UI control (tapping, entering text), browser navigation via
browser_subagent, and app lifecycle management.\n - Sanitization: No sanitization or validation of the ingested data is described.\n- External Downloads (LOW): The skill suggests adding
flutter_driveras a dependency. This involves downloading code from an external repository, but the source (Flutter SDK) is considered trusted per [TRUST-SCOPE-RULE].\n- Command Execution (SAFE): The skill describes launching and interacting with a Flutter application. Since this is the primary stated purpose of the skill and uses legitimate development tools, this behavior is considered safe.
Audit Metadata