computer-use-agents

Pass

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: SAFE
Tags: COMMAND_EXECUTION, DATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION]: The skill implements desktop automation and shell command execution tools. It uses pyautogui for mouse and keyboard control (clicking, typing, scrolling) and subprocess.run to execute bash commands. These are primary features of the demonstrated agent architecture.
  • [DATA_EXFILTRATION]: The agent's perception loop involves capturing the system screen state using pyautogui.screenshot() and scrot. This exposes all visible desktop content to the AI model for processing.
  • [INDIRECT_PROMPT_INJECTION]: This skill defines an attack surface for indirect prompt injection via visual inputs.
    ◦ Ingestion points: Untrusted data enters the context through system screenshots in the capture_screenshot and _handle_computer_action methods.
    ◦ Boundary markers: The provided implementation lacks delimiters or instructions to the model to ignore malicious text or instructions that might appear in screenshots.
    ◦ Capability inventory: Across all scripts, the agent maintains capabilities for file editing (via text_editor), shell execution (via subprocess.run), and desktop interaction (via pyautogui).
    ◦ Sanitization: There is no evidence of input validation or sanitization for commands generated by the LLM before they are passed to the tool execution functions.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 27, 2026, 08:31 AM