Skills
skills/whilp/world/screenshot/Gen Agent Trust Hub

screenshot

Pass

Audited by Gen Agent Trust Hub on Mar 30, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the cleanshot command to perform various desktop operations like capturing the screen, recording video, and toggling desktop icons.
  • [PROMPT_INJECTION]: The capture-text subcommand performs OCR on screen regions or files, creating a vulnerability surface for indirect prompt injection. Malicious text visible on a user's screen could be ingested and interpreted as instructions by the agent.
  • Ingestion points: Text content extracted from the screen or image files via the capture-text command.
  • Boundary markers: None.
  • Capability inventory: Execution of shell commands via the Bash tool as specified in the skill configuration.
  • Sanitization: There is no evidence of sanitization or filtering applied to the text results returned from OCR before the agent processes them.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 30, 2026, 02:21 AM