Screenshot To Prompt
AdvisoryAudited by Static analysis on May 13, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
NoteHigh Confidence
ASI07: Insecure Inter-Agent CommunicationWhat this means
If a screenshot contains private labels, business data, or misleading visible instructions, those details may appear in the generated prompt that the user sends onward.
Why it was flagged
The skill intentionally creates a prompt for a downstream coding agent, so screenshot-derived text may be carried into another agent workflow if the user forwards it.
Skill content
生成一份可以直接发送给 coding agent 的实现 prompt
Recommendation
Review and redact the generated prompt before sending it to a coding agent, especially when screenshots include sensitive or irrelevant text.