gui-agent-mobile
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill facilitates Android GUI automation by invoking the gui_agent_skill module through CLI commands such as python -m gui_agent_skill.cli execute and python -m gui_agent_skill.cli tap. These commands are used to interact with mobile device interfaces and are central to the skill's legitimate functionality.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted data from the device screen to determine its next actions. Ingestion points: Screen captions and screenshot paths are returned by the CLI for analysis by the agent. Boundary markers: No specific delimiters or warnings to ignore instructions within the UI data are present in the skill instructions. Capability inventory: The skill can perform multi-step automation, UI clicks, and coordinate-based taps on a connected Android device. Sanitization: The skill does not describe any mechanisms for validating or sanitizing the content retrieved from the device screen before processing it.
Audit Metadata