Skill v1.0.1

ClawScan security

Windows Skills · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 8, 2026, 3:01 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The package is internally consistent with a Windows desktop automation tool: the code, instructions, and dependencies match the stated purpose and it doesn't request unrelated credentials or system-wide access.
Guidance
This skill appears to do what it advertises (screenshots, OCR, image-based locating). Before installing: (1) verify you trust the skill source since it will install third-party Python packages via pip; (2) install and verify a local Tesseract binary if you need OCR; (3) be aware the code can simulate mouse clicks and enumerate windows—if you allow the agent to run autonomously it could interact with your desktop, so disable autonomous invocation or test in a sandbox if you are unsure; (4) inspect the Python files yourself or run them in a controlled environment to confirm behavior before granting broader use.

Review Dimensions

Purpose & Capability
ok: Name/description (screenshots, OCR, image-based UI location) align with included Python modules. The included files implement screenshot capture (mss/ctypes), OCR (pytesseract/Pillow), and image location (OpenCV/pyautogui), all expected for this functionality.
Instruction Scope
ok: SKILL.md instructs installing the listed Python packages and using the provided functions. Runtime instructions only reference screenshot files, Tesseract path, and image templates; they do not read unrelated files, request secrets, or send data to external endpoints.
Install Mechanism
note: This is an instruction-only skill that recommends pip installing packages (mss, pytesseract, pillow, pyautogui, opencv-python, numpy). Using pip is common but introduces the usual supply-chain considerations (trust the PyPI packages being installed). There is no download-from-URL or archive extraction in the install spec.
Credentials
ok: No credentials or config paths are required. The only environment consideration in code is an optional TESSERACT_CMD env var to locate the local tesseract binary (reasonable for OCR). No unrelated secrets or multiple service tokens are requested.
Persistence & Privilege
note: Skill is not always-enabled and does not request elevated platform privileges. However, it can perform input actions (pyautogui click) and enumerate windows via Windows APIs; if the agent is allowed to invoke skills autonomously, that ability could control the desktop; consider whether you want autonomous execution enabled.