Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Sshot
v1.0.0Take full screen screenshot using PowerShell
⭐ 0· 128·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The stated purpose (take a full-screen screenshot) is plausible, but the instructions hard-code execution of C:\Users\AlenZhu\.openclaw\scripts\sshot.ps1 on a node named 'My Windows Node'. Requiring a user-specific script and node name is not proportional to the simple described capability and suggests the skill depends on an external, opaque script rather than providing a self-contained implementation.
Instruction Scope
The SKILL.md tells the agent to run PowerShell with -ExecutionPolicy Bypass to execute an external .ps1 file in a user's home directory and to return stdout. That grants the executed script full freedom to perform arbitrary actions (file reads, network access, credential use) and to emit arbitrary data via stdout. The instructions do not include or validate the script contents, do not fall back if the script is missing, and assume a specific node name/path that may not exist.
Install Mechanism
This is an instruction-only skill with no install spec or bundled code, which minimizes written artifacts. However, because it delegates to a local script that is not included, the skill relies on out-of-band installation of potentially untrusted code.
Credentials
No environment variables or credentials are declared, but the skill expects access to a specific file under C:\Users\AlenZhu. Hard-coding another user's home path is disproportionate and opaque. The use of PowerShell -ExecutionPolicy Bypass increases risk because it disables execution restrictions that might otherwise limit harmful scripts.
Persistence & Privilege
The skill does not request persistent 'always' inclusion or system-wide configuration changes. It only instructs a one-time command execution on a specified node. That said, runtime execution of an arbitrary PowerShell script can still have high-privilege effects on the target system depending on the node's permissions.
What to consider before installing
This skill delegates work to an external PowerShell script located at C:\Users\AlenZhu\.openclaw\scripts\sshot.ps1 and runs PowerShell with -ExecutionPolicy Bypass. That combination allows the script to do anything the account can do (read files, access network, exfiltrate data). If you do not control or trust that script, do not install or run this skill. Safer options: 1) Ask the author to include the screenshot PowerShell code directly in the skill or provide the exact contents of sshot.ps1 for review. 2) Make the script path and node configurable instead of hard-coded. 3) Run the skill in a sandbox/VM first or inspect the referenced PS1 file before granting execution rights. 4) If you need only screenshots, prefer a skill that uses explicit, minimal inline commands (no ExecutionPolicy Bypass) or a well-known, reviewed helper binary.Like a lobster shell, security has layers — review code before you run it.
latestvk978qq3henaa254kwcc3x438an833p7q
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
📷 Clawdis
OSWindows