ClawHub

tencent cvp skill

v1.0.1

All-in-one Android phone automation via ADB: screen analysis, touch/input, foreground app detection, app install. Use for any task that involves operating th...

0· 107·0 current·0 all-time
byalecxu@cobeizailin
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Skill name/description references 'Tencent Cloud Virtual Phone' but the runtime instructions are plain ADB commands for interacting with an Android device (uiautomator dump, screencap, input, am start, dumpsys, etc.). This is internally consistent (Tencent CVP can expose ADB), but the description could mislead users into expecting cloud API calls or credentials — none are required.
Instruction Scope
Instructions stay within the stated purpose (observe screen, interact, detect foreground app, install). They reference device files (/sdcard/window_dump.xml, /sdcard/screen.png) and local pulls (/tmp/screen.png) which are appropriate for ADB-based automation. One notable guidance: 'Last resort: web search for APK download' — this legitimately supports 'app install' but encourages obtaining APKs from the web, which increases risk of installing untrusted/malicious software onto the device.
Install Mechanism
No install spec and no code files — instruction-only. That minimizes on-disk persistence and supply-chain risk.
Credentials
The skill requires the adb binary only and declares no environment variables or credentials. There are no requests for unrelated secrets or config paths.
Persistence & Privilege
always is false and the skill does not request elevated platform privileges or attempt to modify other skills or system-wide agent settings. Autonomous invocation is allowed by default but is not a property unique to this skill.
Assessment
This skill is coherent for automating Android devices via adb. Before installing or running it, ensure you only connect it to test or disposable devices (not your personal phone), because the agent can run taps, keyevents, and install APKs. Pay special attention to any flow that downloads and installs APKs from the web — prefer official app stores or vetted APKs. If you want to limit risk, use the skill manually rather than allowing autonomous invocation, or run it against an emulator/isolated device. Also be aware the name suggests a Tencent cloud service but the skill itself uses direct ADB access; no cloud credentials are needed.

Like a lobster shell, security has layers — review code before you run it.

latestvk978e1gb4g4r6cqc0zn8eckchh834wkf

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🤖 Clawdis
OSLinux · macOS
Binsadb

Comments