screenshot-compression
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes external binaries
pngquantandjpegoptimto compress image files in place. - Evidence: Lines 57 and 68 in
scripts/compress_screenshots.pyusesubprocess.runto call the utilities. - Security Context: The script passes arguments as a list rather than a shell string, which is a key security measure that prevents command injection attacks even if malicious file paths or quality parameters are provided.
- [PROMPT_INJECTION]: The skill handles external data in the form of file paths, representing a potential surface for indirect prompt injection.
- Ingestion points: User-provided file and directory paths passed via the
pathsargument inscripts/compress_screenshots.py. - Boundary markers: None.
- Capability inventory: Subprocess execution and in-place file system modifications.
- Sanitization: The script verifies file extensions against a whitelist and uses safe subprocess execution patterns to mitigate risks.
Audit Metadata