MacOS Desktop Control (Mouse, Keyboard, Screenshots)
Security checks across malware telemetry and agentic risk
Overview
The skill is transparent about being a macOS GUI automation bridge, but it gives an agent broad screenshot and keyboard/mouse control without clear action limits or confirmation guidance.
Use this only if you are comfortable giving an agent the ability to see your screen and operate your mouse and keyboard. Keep sensitive windows closed, verify the cliclick install, and require manual confirmation before any action that could send, delete, purchase, log in, change settings, or affect third-party accounts.
VirusTotal
66/66 vendors flagged this skill as clean.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If invoked at the wrong time or misdirected by on-screen content, the agent could click or type into any visible application and cause real changes.
This gives the agent broad mouse and keyboard control, including typed input, with no documented approval boundary for sensitive actions such as submitting forms, changing settings, deleting files, or interacting with accounts.
Supports all `cliclick` standard notation including `w:` (wait) and `t:` (type).
Install only if you intentionally want broad desktop automation, and require human confirmation before actions that submit, delete, purchase, send messages, change settings, or affect accounts.
Anything visible on screen, including messages, documents, credentials, or account pages, may be captured for the agent to inspect.
The skill captures the full current screen to a predictable temporary file for agent analysis; this is purpose-aligned, but visible private information may enter the agent context.
screencapture -x /tmp/claw_view.png
Hide sensitive windows before using the skill and delete /tmp/claw_view.png when no longer needed.
The skill will not work safely unless the expected cliclick binary is installed from a trusted source.
The skill depends on an external Homebrew package that is not declared in the registry requirements or install spec; this is expected for the purpose, but users must separately trust and install that binary.
brew install cliclick
Verify the Homebrew package source and installed path before granting the skill desktop-control permissions.