windows-ui-controller

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed Windows UI automation guide, but it teaches broad live-app clicking and typing, including messaging apps, without strong user confirmation boundaries.

Install only if you intentionally want an agent to automate your Windows desktop. Use it first in test apps or test accounts, avoid finance, admin, password-manager, and private-chat workflows, and require explicit confirmation before any click, type, send, delete, purchase, or administrator-elevated action. Prefer official PyPI/GitHub package sources for pywinauto.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence: 89%
Finding
The README explicitly teaches automating live Windows applications such as WeChat/QQ, including scanning windows, locating controls, clicking buttons, and typing text, and even includes examples for finding a WeChat send button and entering message text. In an agent skill context, this can cause unintended actions on real user applications and data if invoked without clear safety boundaries, confirmation steps, dry-run guidance, or warnings about acting on production UI state.

VirusTotal

65/65 vendors flagged this skill as clean.
