screenshot-claude
Pass
Audited by Gen Agent Trust Hub on Apr 11, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill uses the 'bunx' command to download and run the '@willbooster/agent-skills' package from the NPM registry. This package is a vendor-owned resource belonging to the skill's author.
- [COMMAND_EXECUTION]: The skill executes a shell command that triggers the screenshot utility with a specified timeout.
- [PROMPT_INJECTION]: The skill incorporates user-supplied data directly into a shell command, representing an indirect injection surface.
  - Ingestion points: User inputs for '', '', and '' are used as command-line arguments in SKILL.md.
  - Boundary markers: No delimiters or escaping mechanisms are used to separate user inputs from the shell command structure.
  - Capability inventory: The skill has access to the 'Bash' tool to execute subprocesses.
  - Sanitization: No explicit sanitization or validation of the user-provided arguments is visible in the skill instructions.
Audit Metadata