Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Computer Takeover
v1.0.0Full unattended remote control of paired devices (nodes) — screen capture, file management, shell commands, app control, camera, notifications, and process m...
⭐ 0· 31·1 current·1 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The name and description claim full unattended remote control (screen, camera, shell, files, location, pairing). The SKILL.md contains commands that would perform those actions, so the capability matches the description — but the skill requests no credentials, no config paths, and provides no install or source code. For a capability that requires device pairing and gateway auth, the lack of declared auth/credential requirements or a provenance/homepage is disproportionate and unexplained.
Instruction Scope
Instructions explicitly tell the agent how to list nodes, run remote shells, capture screen/camera, read notifications and location, and manage files/processes. Those instructions are tightly scoped to remote-control tasks and do not, in themselves, ask the agent to read unrelated local files or exfiltrate data to arbitrary endpoints. However, the instructions do not describe consent, auditing, or safety checks for highly sensitive actions (camera, location, unattended shell/pairing), which is a meaningful omission.
Install Mechanism
This is an instruction-only skill with no install spec and no included code files — from an install-risk perspective nothing is written to disk by the skill. That reduces one class of supply-chain risk, but does not address the missing provenance/credentials issues.
Credentials
The skill requires highly sensitive capabilities (remote shell, camera, location, pairing) but declares no environment variables, credentials, gateway URLs, or config paths. A remote-takeover tool normally requires explicit credentials, tokens, or documented pairing/authentication flows; their absence is incoherent and increases the chance that the skill depends on implicit platform privileges or undisclosed mechanisms.
Persistence & Privilege
The skill is not set to always:true (good), but it enables autonomous invocation by default (platform default). Combined with the skill's invasive capabilities and lack of explicit auth/consent documentation, autonomous invocation materially increases risk: the agent could perform sensitive actions without the user fully understanding what permissions or audit controls are in place.
What to consider before installing
This skill claims full unattended control of other devices but provides no source, no homepage, and no explanation of how devices are authenticated or paired. Before installing: (1) ask the publisher for source code or an auditable implementation and a public homepage; (2) confirm exactly how pairing and gateway authentication work and require explicit, per-device user consent; (3) require scoped tokens/credentials and audit logging so actions are attributable; (4) do not enable autonomous invocation for this skill until you understand who can trigger it and how approvals are enforced; (5) if you cannot obtain clear provenance and an auth model, avoid installing — the capability is extremely sensitive and the current package lacks necessary safeguards.Like a lobster shell, security has layers — review code before you run it.
device-controlvk97371z9w4577ft6xxdst0hf7584npcslatestvk97371z9w4577ft6xxdst0hf7584npcsremote-accessvk97371z9w4577ft6xxdst0hf7584npcsunattendedvk97371z9w4577ft6xxdst0hf7584npcs
License
MIT-0
Free to use, modify, and redistribute. No attribution required.