v1.0.0

Remote Install

ReviewClawScan verdict for this skill. Analyzed May 1, 2026, 8:33 AM.

Analysis

This skill should be reviewed before installation because it can remotely control Windows software installers and the script logs a RustDesk remote-access password.

GuidanceInstall only if you trust the skill and intend to supervise Windows remote software installation. Avoid providing RustDesk passwords until password logging is removed or redacted, give the agent explicit installer paths instead of broad folders, verify installers before running them, and review or pin the Python dependencies.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation

SeverityHighConfidenceHighStatusConcern

SKILL.md

"安装桌面上的所有软件" → 自动检测桌面所有安装包并依次安装 ... `.msi` → msiexec 静默安装 ... `.exe` → pywinauto GUI 自动化

The documented workflow can automatically install all detected installer packages using silent install and GUI automation, which is high-impact system mutation.

User impactThe agent could install unwanted, unsafe, or wrong software on the Windows machine if the detected installer set is broader than intended.

RecommendationUse this only with explicit installer paths or a reviewed package list, and add confirmation before each install or before any bulk installation.

Tool Misuse and Exploitation

SeverityMediumConfidenceHighStatusConcern

config.json

"next_button_texts": ["下一步", "Next", "继续", "Install", "同意", "Agree", "接受", "Accept"]

The GUI automation is configured to click Install, Agree, and Accept prompts, which may accept installer terms or prompts without user review.

User impactThe installation process may proceed past prompts that a user would normally inspect before approving.

RecommendationKeep the user in the loop for agreement, elevation, and install prompts, especially when installing software from Downloads or Documents.

Agentic Supply Chain Vulnerabilities

SeverityLowConfidenceHighStatusNote

requirements.txt

pyautogui>=0.9.53
pygetwindow>=0.0.9
pywinauto>=0.6.8
Pillow>=9.0.0

The dependency list uses lower-bound version ranges, so future package versions may be installed during setup.

User impactDependency behavior could change over time even if the skill files stay the same.

RecommendationPin exact dependency versions or hashes and install them from a trusted package index.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse

SeverityHighConfidenceHighStatusConcern

scripts/remote_installer.py

log_path = os.path.join(script_dir, 'installer.log') ... logging.info(f"开始连接 RustDesk: ID={remote_id}, 密码={password}")

The script configures a persistent installer log and then logs the RustDesk remote-access password in plaintext while connecting.

User impactA remote desktop password could remain on disk in installer.log and be reused by anyone who can access that file.

RecommendationRemove or redact password logging, declare the RustDesk credential requirement, and require explicit user approval before using any remote-access credential.