ClawHub

adb controller

v1.0.0

Control an Android device via ADB. Use when the user asks to control an Android device, tap, swipe, input text, or perform actions via adb. Automatically use...

0· 447·1 current·3 all-time
byYang Feng@fengyang0317
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Purpose (control Android via ADB, tap/swipe/input, take screenshots) aligns with included code: the Python script runs adb commands and captures screenshots. However, the skill fails to declare a required runtime dependency: the script invokes the 'adb' binary but the skill metadata lists no required binaries. Also SKILL.md says the ADB target is read from openclaw.json, while the script actually reads an environment variable (ADB_SERVER_ADDRESS) — this mismatch is unexpected.
!
Instruction Scope
SKILL.md instructs the agent to read openclaw.json for adbServer and to run the script and then always send the screenshot. The script does not parse openclaw.json; it reads ADB_SERVER_ADDRESS from the environment and will attempt to connect (adb connect) if the value contains a colon. That gives the skill the ability to connect to arbitrary network adb servers if the env var or agent environment is set, which is broader than documentation indicates.
Install Mechanism
This is an instruction-only skill with no install spec and a small included script. No package downloads or archive extraction are present.
!
Credentials
The script depends on an environment variable (ADB_SERVER_ADDRESS) but the skill metadata does not declare any required env vars. That hidden dependency can change which device/server the skill connects to at runtime. No other secrets are requested, but the unlisted env var and the ability to connect to remote adb servers are notable.
Persistence & Privilege
The skill does not request always:true and does not modify other skills or system-wide settings. It writes screenshots to the user's ~/.openclaw/workspace directory (its own workspace), which is consistent with its function.
Scan Findings in Context
[no-findings] expected: Static pre-scan reported no regex findings. That doesn't imply safety — the SKILL.md/script contain the primary behavioral surface and reveal the concerns described above.
What to consider before installing
This skill's code does what its description claims (runs adb commands and captures screenshots) but there are some inconsistencies and small risks you should consider before using it: 1) The Python script requires the local 'adb' binary but the skill metadata does not declare that dependency — ensure adb is installed and available on PATH. 2) The SKILL.md says it will read openclaw.json for the target, but the script actually uses the ADB_SERVER_ADDRESS environment variable; confirm which configuration your environment will provide so it doesn't connect to an unexpected device or remote adb server. 3) Because the script may run 'adb connect <host:port>', it can connect to networked devices — only use this skill with servers/devices you trust. 4) If you don't trust the skill's source, review or run the included script in an isolated environment first. Recommended actions: ask the author to (a) declare the 'adb' binary and ADB_SERVER_ADDRESS in metadata, or (b) update the script to actually parse openclaw.json as documented; audit the script yourself before granting it access to any real devices.

Like a lobster shell, security has layers — review code before you run it.

latestvk97d6jhhq2d9p78b0hx644xbr98287yb
447downloads
0stars
1versions
Updated 1mo ago
v1.0.0
MIT-0
Yang Feng@fengyang0317
latest
Download

ADB Controller

This skill allows you to execute ADB (Android Debug Bridge) commands on a connected Android device and automatically retrieve a screenshot of the result.

Configuration

The user can configure the target ADB device/server in their openclaw.json (this is automatically read by the script):

{
  "skills": {
    "entries": {
      "adb-controller": {
        "adbServer": "192.168.1.100:5555" // or device serial
      }
    }
  }
}

Usage

To run an ADB command, execute the provided Python script:

python3 ~/.openclaw/workspace/skills/adb-controller/scripts/run_adb.py shell input tap x y

You can pass any standard ADB arguments to the script. For example:

  • python3 .../run_adb.py shell input text "hello"
  • python3 .../run_adb.py shell input keyevent 26 (Power button)
  • python3 .../run_adb.py shell swipe 500 1000 500 500

Workflow (Mandatory)

  1. Understand the user's intent and determine the correct ADB command.
  2. Execute the user's requested action using the run_adb.py script via the exec tool.
  3. The script will output the path to a newly captured screenshot.
  4. Send the Image: You MUST use the message tool (with action="send" and media="<path-to-screenshot>") to send the resulting screenshot to the user, allowing them to see the outcome of the action. Do not just output the file path.

Comments

Loading comments...