peekaboo
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGH
EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, COMMAND_EXECUTION, CREDENTIALS_UNSAFE, PROMPT_INJECTION
Full Analysis
- EXTERNAL_DOWNLOADS (MEDIUM): The skill installs the peekaboo binary from an unverified third-party Homebrew tap (steipete/tap/peekaboo), which introduces supply-chain risk.
- DATA_EXFILTRATION (HIGH): Core features include screenshot capture, video recording, and clipboard access. These allow an agent to access and potentially exfiltrate highly sensitive visual and text data from the user's desktop.
- COMMAND_EXECUTION (HIGH): The skill provides arbitrary UI control including simulated mouse clicks, keyboard input, and the execution of JSON automation scripts via the peekaboo run command.
- CREDENTIALS_UNSAFE (MEDIUM): Documentation includes examples of typing passwords in plain text and mentions managing credentials in configuration files.
- PROMPT_INJECTION (LOW): Vulnerable to indirect prompt injection via screen content analysis (peekaboo see), where malicious on-screen text could manipulate agent behavior.
  - Ingestion points: peekaboo see, peekaboo clipboard.
  - Boundary markers: None.
  - Capability inventory: click, type, run, app launch.
  - Sanitization: None.
Recommendations
- AI detected serious security threats