harmonyos-device-automation
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill utilizes npx to download and run the @midscene/harmony package from the NPM registry. This package is an official resource provided by the vendor.
- [COMMAND_EXECUTION]: The skill provides the runhdcshell command which allows the agent to execute arbitrary shell commands on the connected HarmonyOS device via the hdc utility.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through visual input. As the automation logic depends on interpreting device screenshots, instructions or text displayed on the device screen could be interpreted by the agent as commands.
- Ingestion points: Device screenshots captured via take_screenshot.
- Boundary markers: No specific delimiters or instruction-blocking techniques are mentioned for processing screenshot data.
- Capability inventory: The agent can execute shell commands on the host via the Bash tool and on the device via the runhdcshell command.
- Sanitization: No visual content sanitization or validation is implemented.
Audit Metadata