ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

PowerSkills

v0.1.0

Windows automation toolkit for AI agents. Provides Outlook email/calendar, Edge browser (CDP), desktop screenshots/window management, and shell commands via...

0· 402·1 current·1 all-time
by@aloth
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
high confidence
!
Purpose & Capability
The SKILL.md advertises a CLI entrypoint (powerskills.ps1) and per-skill .ps1 scripts for Outlook, browser, desktop, and system actions, but the provided file manifest contains only documentation and config.json — no executable .ps1 files. That is a clear mismatch: the skill promises capabilities that cannot be delivered from the included files, which could indicate missing artifacts or that the skill expects the agent/user to fetch or already have external scripts.
!
Instruction Scope
The runtime instructions tell the agent to change PowerShell execution policy (Set-ExecutionPolicy RemoteSigned or use Bypass), start Edge with remote debugging, run powerskills.ps1 and per-skill .ps1 scripts, and expose actions that read Outlook messages, evaluate arbitrary JavaScript in pages, capture screenshots, send keystrokes, read environment variables, and run arbitrary shell commands. Those actions are powerful and can access sensitive data (email bodies, addresses, env vars, files) and perform arbitrary command execution — the documentation gives broad authority without constraints. Additionally, the scripts the docs reference are not present in the bundle.
Install Mechanism
There is no install spec (instruction-only), so nothing in the bundle will be written or executed automatically. That lowers risk from hidden downloads, but the docs explicitly instruct running local PowerShell scripts (which are absent) and changing execution policy or invoking PowerShell with ExecutionPolicy Bypass — both of which affect system behavior and could enable running external code if the user later fetches scripts.
Credentials
The skill declares no required environment variables or credentials (proportionate), but the documented actions include reading arbitrary environment variables and executing shell commands. While these capabilities are consistent with a 'system' skill, they are high-privilege operations relative to many users' expectations (especially Outlook access and arbitrary exec), and the SKILL.md does not limit which env vars or files may be read.
!
Persistence & Privilege
The instructions recommend setting the user's PowerShell execution policy (Set-ExecutionPolicy -Scope CurrentUser -ExecutionPolicy RemoteSigned) or using ExecutionPolicy Bypass. Changing execution policy is a persistent, system-level change that weakens script execution protections. The skill is not marked always:true, but the docs encourage actions that persist and broaden attack surface if malicious or mistaken scripts are later run.
What to consider before installing
Do not install or run this skill until you verify what will actually execute. Key points to check: 1) The package currently contains only documentation and config.json — there are no powerskills.ps1 or per-skill .ps1 scripts listed; ask the publisher where the code is or obtain the full repository and inspect the scripts before running. 2) If you do run code, do not change execution policy system-wide; prefer one-off invocation with PowerShell -ExecutionPolicy Bypass and do so in an isolated/test VM. 3) The documented capabilities can read Outlook mail, environment variables, and execute arbitrary commands and browser JS — these can exfiltrate secrets. Only run under a non-admin, non-sensitive account and after reviewing every script. 4) If you cannot inspect the scripts (missing or remotely fetched), treat the skill as untrusted. 5) Consider disabling autonomous invocation for the agent or restricting this skill until you confirm its provenance and contents.

Like a lobster shell, security has layers — review code before you run it.

latestvk97bw418erad6jt80wz0daares82e1tv
402downloads
0stars
1versions
Updated 6h ago
v0.1.0
MIT-0
@aloth
latest
Download

PowerSkills

Windows capabilities for AI agents via PowerShell. Each skill in skills/ is independently discoverable.

Setup

Set-ExecutionPolicy -Scope CurrentUser -ExecutionPolicy RemoteSigned

Usage

.\powerskills.ps1 <skill> <action> [--param value ...]
.\powerskills.ps1 list                          # Discover available skills
.\powerskills.ps1 outlook inbox --limit 10       # Run an action

Output Format

All actions return JSON:

{"status": "success", "exit_code": 0, "data": {...}, "timestamp": "..."}

Configuration

Edit config.json:

{
  "edge_debug_port": 9222,
  "default_timeout": 30,
  "outlook_body_max_chars": 5000
}

Skills

SkillDescription
outlookEmail & calendar via Outlook COM
browserEdge automation via CDP
desktopScreenshots, window management, keystrokes
systemShell commands, processes, system info

Comments

Loading comments...