⌨️ cli toolActivePromisingmedium
proofshot
by AmElmo
Give AI coding agents eyes. Records browser sessions, captures screenshots, collects errors, and bundles proof artifacts — so humans can verify what the agent built.
Quality Breakdown
84/ 200
Content Signals
Repo Health
Multi-platform bonus: +5 pts if tool supports 2+ platforms. Score derived from 12 structural signals — not stars or popularity.
Trust & Verification
medium
Requires extended permissions (shell access, subagents). Review before use.
Active
Updated within the last 90 days. Actively maintained.
Risk Assessment
- Binary execution capability: Contains CLI tool (bin/proofshot.ts) that executes shell commands and interacts with browsers, requiring careful validation of input handling
- Browser automation: Implements browser session control (capture, interact, navigate) which could be misused for unauthorized access or manipulation
- GitHub integration: Includes GitHub API interaction (src/utils/github.ts) for posting to PRs, which requires authentication token handling
- Process execution: src/utils/exec.ts and src/utils/process.ts execute external commands, requiring validation that command injection is prevented
- Video/screenshot capture: Records browser sessions and system state which could capture sensitive data if not properly scoped
- Configuration persistence: Includes CLAUDE.md and proofshot.config.json for agent configuration, though appears to be documentation rather than malicious persistence