Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
screen reviewer
v1.0.0
Monitor computer activities via periodic screenshots, extract text with OCR, and generate daily review reports with ROI analysis. Use when the user asks abou...
⭐ 0· 63·0 current·0 all-time
by Doris P (@drpris)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw): Suspicious, medium confidence
Purpose & Capability
The code (capture daemon, OCR, report generator) aligns with the declared purpose (periodic screenshots → OCR → daily AI reports). Registering the skill for multiple agents via symlinks is consistent with the README. However the registry metadata claimed 'no install spec / instruction-only' and 'no required binaries/env vars', while the package clearly contains an install.sh, launchd integration, and runtime expectations — that mismatch is notable.
Instruction Scope
SKILL.md and the scripts instruct the agent/user to install and run a background daemon that captures full-screen screenshots, runs AppleScript to collect window titles, extracts OCR text, and writes image files and JSONL logs under ~/.screen-reviewer. It also asks the user to grant macOS Screen Recording and Accessibility permissions. The instructions rely on an API key environment variable (OPENAI_API_KEY by default) for full AI reports but include a fallback; they also instruct installing an auto-start launchd service which increases persistence. All of this is within the stated functional scope but involves sensitive data collection and persistent background operation — the instructions do not explicitly surface the privacy risks or require explicit consent at runtime beyond telling the user to grant macOS permissions.
Install Mechanism
There is no separate install spec in registry, but the repo includes install.sh which: creates a Python venv, pip-installs packages from requirements.txt (PyPI), attempts to compile a Swift OCR binary via swiftc, and creates symlinks in ~/.cursor/skills and ~/.codex/skills. service_manager.py can write launchd plists and load them (auto-start + KeepAlive). These actions write files to disk, register services with the OS, and fetch packages from PyPI — all expected for this feature set, but they are high-impact (persistence + network fetch). The package does not declare external binary requirements in the registry metadata (e.g., swiftc, screencapture/osascript availability) which is an inconsistency.
Credentials
Registry metadata lists no required env vars, but the default config expects an API key environment variable (config.report.api_key_env default OPENAI_API_KEY) for OpenAI/Anthropic use; report_generator reads env vars for OpenAI/Claude. The code supports multiple providers (openai, anthropic, ollama) and will attempt to call external APIs if keys/URLs are set. These environment dependencies are reasonable for AI report generation but should have been declared. Additionally, scripts optionally fall back to pytesseract for OCR, but pytesseract is not listed in scripts/requirements.txt (only Pillow, PyYAML, openai, anthropic), creating a capability/dependency mismatch.
Persistence & Privilege
The skill installs launchd agents (capture daemon and scheduled report) with KeepAlive and RunAtLoad, creates persistent directories under ~/.screen-reviewer (screenshots, logs, reports), and creates symlinks so multiple agents discover the skill. always:true is not set (good), but the skill grants itself OS-level persistence via launchd when the user runs the install command. Logs and reports are kept permanently (cleanup only removes screenshots by default), which raises long-term privacy exposure of sensitive captured images and OCR text.
What to consider before installing
This package does what it claims (periodically screenshots your screen, OCRs content, and generates AI reports), but it installs a persistent background service, writes screenshots and logs to ~/.screen-reviewer, and expects you to grant macOS Screen Recording and Accessibility permissions. Before installing:
- Accept that it will capture everything visible on your screen (including passwords, banking, messenger content) unless you carefully configure and test the blacklist and pause features.
- Note the project will create launchd services (auto-start and KeepAlive) and symlinks under ~/.cursor and ~/.codex; uninstall.sh attempts cleanup but logs/reports are preserved by default.
- The registry metadata omitted runtime requirements: an API key (OPENAI_API_KEY or configured env) is needed for full AI reports, and Swift/pytesseract may be required for OCR. The package’s requirements.txt does not include pytesseract, and macOS tools (screencapture, osascript, swiftc) are assumed present. Ask the author or inspect the install.sh and service_manager.py before running.
If you want to proceed safely:
- Run install in a disposable/test account or VM first.
- Inspect ~/.screen-reviewer contents and the created launchd plists before granting permissions and enabling install.
- Consider disabling automatic install of launchd services and running the daemon manually while you evaluate.
- If you need strict privacy, do not install: the feature set inherently collects highly sensitive data and retains logs/reports by default.
What would change this assessment: explicit registry metadata listing required env vars and binaries (OPENAI_API_KEY, ANTHROPIC_API_KEY, swiftc, tesseract), removal or clearer user confirmation for auto-start persistence, and an opt-in flow that warns about retention and sensitive data collection.
Like a lobster shell, security has layers — review code before you run it.
latest: vk975d30ymp8ynca5ys5ebzb10n83w522