ClawHub

Claw Keyboard

v1.0.4

Control keyboard RGB backlight, custom LEDs, macros, key mapping, and profile settings via USB HID. Use when the user asks to control keyboard lighting, mana...

0· 131·0 current·0 all-time
by任嘉@dionren
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
The skill is an instruction-only wrapper around a native binary named 'claw-keyboard' and claims to control USB HID keyboards (RGB, macros, keymap, profiles). Requiring the 'claw-keyboard' binary is coherent with that purpose; no unrelated credentials, files, or services are requested.
Instruction Scope
SKILL.md lists only commands for discovering and controlling keyboards (rgb, led, keymap, macro, profile, KLE render). It explicitly marks destructive operations (factory reset, overwriting keymaps/macros) as requiring explicit user confirmation and warns not to run them autonomously. The instructions do not request environment variables or access to unrelated system files.
Install Mechanism
The SKILL.md includes download-based install entries pointing to GitHub Releases (good: a well-known host). However the URLs use the 'latest' release path, which is mutable and increases supply-chain risk compared with pinned versioned releases and checksums. Also, registry metadata indicated 'No install spec' while SKILL.md contains install entries — this mismatch should be clarified.
Credentials
No environment variables, credentials, or unrelated config paths are requested. The skill's access needs (direct USB HID interaction via the binary) are proportional to controlling a keyboard.
Persistence & Privilege
The skill is not always-enabled and is user-invocable. Model invocation is allowed (normal platform default), but because the skill can perform destructive hardware actions, you should rely on the SKILL.md requirement for explicit user confirmation. If you do not want any chance of autonomous hardware modification, consider disabling autonomous invocation for this skill at install-time.
Assessment
This skill appears to do what it says (control USB keyboards) and only needs the 'claw-keyboard' binary. Before installing, verify the binary's provenance: prefer a release pinned to a specific version and verify checksums if available rather than using the 'latest' download links in SKILL.md. Inspect the upstream GitHub repo (https://github.com/clawdevice/claw-keyboard) and release artifacts; avoid running the binary as an administrator/root user if possible. Be cautious about destructive commands (factory reset, write keymap, erase macros) — the skill’s docs say they require explicit confirmation, but you should still only run them yourself. Finally, clarify the mismatch between the registry metadata (which said no install spec) and the SKILL.md install entries; if you want to eliminate autonomous risk, disable model/autonomous invocation so the agent cannot run hardware-modifying commands without your approval.

Like a lobster shell, security has layers — review code before you run it.

latestvk97d2f8zb94gzxggksg5vyps6583bccj

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

⌨️ Clawdis
OSmacOS · Linux · Windows
Binsclaw-keyboard

Comments