Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Linux GUI Control

v1.0.0

Control the Linux desktop GUI using xdotool, wmctrl, and dogtail. Use when you need to interact with non-browser applications, simulate mouse/keyboard input, manage windows, or inspect the UI hierarchy of applications on X11/GNOME. Supports: (1) Clicking/typing in apps, (2) Resizing/moving windows, (3) Extracting text-based UI trees from apps (A11y), (4) Taking screenshots for visual analysis.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Benign (high confidence)
Purpose & Capability
The name/description match the included scripts and README: scripts call xdotool/wmctrl/scrot and the Python file uses dogtail to dump the AT-SPI accessibility tree. Nothing in the files requests unrelated credentials, config paths, or external services; the capabilities (click/type/activate/list/screenshot/inspect) are exactly what the skill claims.
Instruction Scope
Instructions are focused on window listing, activating, simulating input, taking screenshots, and reading accessibility trees. However, the README explicitly recommends killing and relaunching Electron apps with a --force-renderer-accessibility flag using pkill and nohup, which will stop and restart user processes (affecting user state). The scripts do not perform network calls or read arbitrary local files, but taking screenshots and dumping UI text can expose sensitive on-screen data — the skill does not include safeguards or explicit consent steps for that.
Install Mechanism
No install spec is provided (instruction-only with two helper scripts). This minimizes supply-chain risk. The skill assumes external binaries (xdotool, wmctrl, dogtail, scrot) are present on the system but does not attempt to install them.
Credentials
No environment variables, credentials, or config paths are requested. The requested capabilities (controlling GUI and using AT-SPI) are proportional to the stated purpose. Note: AT-SPI/dogtail access implicitly requires that accessibility services are enabled and that the agent has permission to interact with the desktop session.
Persistence & Privilege
always:false and no special persistence or modification of other skills or system-wide agent settings. The skill can be invoked by the agent (default model invocation allowed), which is normal; because it controls the GUI, autonomous invocation could have impact, but there is no special permanent privilege requested.
Assessment
This skill appears to do exactly what it says: automate and inspect the Linux GUI using xdotool/wmctrl/dogtail/scrot. Before installing, consider: (1) It can simulate keyboard/mouse and take screenshots — that can expose sensitive information on-screen. (2) The README suggests using pkill/nohup to restart apps with flags; that will terminate and restart your applications and may change their behavior. (3) The skill assumes the listed tools are installed but does not install them. (4) If you will allow the agent to invoke this skill autonomously, limit its permissions or run it in a controlled environment (VM or disposable session) to reduce risk of unintended input or data capture. If you need network-safe behavior, ensure your agent or environment prevents automatic upload of screenshots or dump output to external endpoints.
