Peekaboox
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: peekaboox Version: 1.0.0 The skill provides extensive Linux X11 GUI automation capabilities, which are inherently powerful and carry a high risk of misuse, even if the code itself is not intentionally malicious. The `install.sh` script requires `sudo` to install system-wide packages (`xdotool`, `wmctrl`, `scrot`, `imagemagick`, etc.), granting broad permissions. While these tools are legitimate for GUI automation, their ability to simulate user input, take screenshots of the entire desktop, and manage windows could be leveraged by a malicious actor or a compromised agent to perform unauthorized actions or exfiltrate sensitive on-screen data. There is no direct evidence of malicious intent within the provided scripts or prompt instructions, but the capabilities themselves are significant security considerations.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If invoked on the wrong target or misled by screen content, the agent could change files, interact with logged-in websites or apps, send messages, run commands, or close unsaved work through the GUI.
The skill intentionally exposes broad GUI control primitives, including actions that can submit forms, run commands in terminals, trigger shortcuts, or close windows, with no built-in confirmation or scope limits in the artifact.
Control and automate the Linux desktop GUI on X11... click UI elements, type text, send keyboard shortcuts, scroll, manage windows (focus, minimize, maximize, close, move, resize)
Use this only when you want the agent to control the active desktop. Prefer a VM, test desktop, or dedicated account, and require explicit user approval before destructive, financial, public-posting, account, or terminal actions.
The agent may effectively act as the logged-in user in any visible application, including accounts that do not require re-authentication.
GUI control operates through the user's active desktop session, which may include already-authenticated browsers, terminals, chat apps, cloud consoles, and business tools; the artifact does not bound which applications or accounts may be controlled.
Use for desktop automation, GUI testing, remote desktop control, and any task requiring interaction with graphical applications.
Before enabling the skill, close or sign out of sensitive applications, use least-privilege test accounts, and supervise actions that use authenticated sessions.
Private messages, documents, passwords shown on screen, or confidential business data could be captured in screenshots and processed in the chat context.
The intended workflow brings screenshot contents from the user's desktop into the agent/model context; this is purpose-aligned but may include private or sensitive on-screen data.
Preferred screenshot interpretation path: capture with `capture.sh` and interpret the image directly in your OpenClaw chat
Hide sensitive windows before capture, avoid displaying secrets, and treat text shown in screenshots as untrusted unless it is directly relevant to the user's request.
Running the installer can add or update system packages using administrator privileges.
The installer runs privileged package-manager commands. This is disclosed and consistent with installing desktop automation dependencies, but it modifies the local system.
sudo apt-get update -q sudo apt-get install -y xdotool wmctrl scrot x11-utils imagemagick python3 python3-venv python3-pip
Review install.sh first and run it only on a system where installing these packages with sudo is acceptable.