Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Windows Control
v1.0.0Full Windows desktop control. Mouse, keyboard, screenshots - interact with any Windows application like a human.
⭐ 28· 6.7k·42 current·43 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidencePurpose & Capability
Name/description (Windows desktop control) align with the included scripts: they perform mouse/keyboard actions, window management, screenshots, UI automation and text extraction. Requested resources (no env vars, no external services) are appropriate for this purpose. One minor mismatch: the package/metadata do not set an OS restriction even though the code uses Windows-only libraries (pywinauto, pygetwindow) — this should be declared.
Instruction Scope
SKILL.md instructs running the included scripts to capture screenshots, enumerate windows, read UI elements and dialog contents, click and type. Those actions are exactly the skill's purpose, but they are high‑privilege from a data-sensitivity perspective (can capture arbitrary on-screen text, dialogs, and screenshots). The instructions do not reference reading unrelated files or environment variables, and they do not send data to external endpoints.
Install Mechanism
No install spec (instruction-only) so nothing is automatically downloaded/written during install — lower risk. However, the code depends on Python packages (pywinauto, pyautogui, pygetwindow, PIL, optional pytesseract) that are not declared in an install spec or requirements file; the lack of explicit dependency/install guidance could lead users to run unprepared or install packages from untrusted sources.
Credentials
No environment variables, credentials, or config paths are requested. The lack of secret/credential requirements is proportional to the described functionality.
Persistence & Privilege
always:false (no forced inclusion). The skill can be invoked autonomously (default platform behavior) — note that autonomous use plus the ability to control the desktop increases blast radius, but autonomous invocation alone is not a disqualifying issue here.
Assessment
This skill appears to do what it claims: full Windows GUI automation and reading of UI/dialog text. Before installing, consider: (1) Source trust — the package has no homepage and an unknown owner; inspect the code yourself or only use from a trusted publisher. (2) Platform — it requires Windows (pywinauto, pygetwindow); ensure you run it on Windows. (3) Dependencies — the README does not declare required Python packages; install only from trusted package indexes and pin versions. (4) Data sensitivity — the skill can screenshot screens and read UI/dialog text (including sensitive contents like emails, passwords visible on screen). Limit where and when the agent can run it and avoid running it on machines with sensitive data unless you trust the skill. (5) Autonomy — if you allow autonomous invocation, consider restricting or auditing automated runs because the skill can perform destructive actions (close windows, send keystrokes). If you want lower risk, run the scripts manually in an isolated environment first.Like a lobster shell, security has layers — review code before you run it.
latestvk971ks8rx9mvgzn8kkprdbwmts80bb1r
License
MIT-0
Free to use, modify, and redistribute. No attribution required.