Back to skill

Security audit

MacOS Desktop Control (Mouse, Keyboard, Screenshots)

Security checks across malware telemetry and agentic risk

Overview

This skill honestly describes macOS screen capture and mouse/keyboard control, but it gives an agent broad desktop authority without clear safeguards or privacy handling.

Install only if you intentionally want an agent to see your entire macOS screen and operate your mouse and keyboard. Close sensitive windows first, verify the cliclick binary source, delete /tmp/claw_view.png when done, and require manual approval before actions that submit, delete, purchase, send messages, change settings, or affect accounts.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill exposes synthetic mouse and keyboard control without warning that it can trigger destructive actions such as sending keystrokes to the wrong window, confirming prompts, modifying files, or interacting with security-sensitive dialogs. In this context, the capability is inherently high-risk because it can directly affect system state and user data, so omitting a clear warning increases the chance of unsafe use.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill captures the current screen and writes it to /tmp/claw_view.png, but the description omits any privacy warning about potentially collecting sensitive on-screen information such as passwords, messages, documents, or customer data. This is more dangerous in context because the skill is designed for broad desktop perception, making incidental capture of confidential data likely during normal use.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The script silently captures the user's screen and writes the image to a predictable location in /tmp without any notice, consent, or contextual gating. On-screen content commonly includes sensitive information such as messages, credentials, tokens, internal documents, or personal data, so covert collection creates a real privacy and data-exposure risk.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.