Screenshot Tool

The skill provides legitimate screenshot and recording functionality but contains a command injection vulnerability in the Windows-specific logic within `scripts/screenshot.py`. The `--output` parameter is interpolated directly into a PowerShell script string without sanitization, potentially allowing arbitrary code execution via a crafted filename. While the tool's behavior aligns with its stated purpose and shows no evidence of intentional malice or exfiltration, this security flaw warrants a suspicious classification.