mano-cua

Advisory

Audited by static analysis on May 7, 2026.

Overview

No suspicious patterns detected.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A mistaken instruction or model error could click, type, or change content in apps that are open and visible.

Why it was flagged

This shows the skill can operate the user's desktop UI. The behavior is central to the skill's purpose and is described as bounded, but it can still change visible app or account state if the task directs it.

Skill content

The agent performs bounded GUI actions (click, type, scroll, drag) only within the user-specified task scope

Recommendation

Use narrow task descriptions, prefer --app or --url, set --max-steps for risky tasks, watch the status panel, and use mano-cua stop if behavior looks wrong.

What this means

Sensitive information visible on the screen could be included in cloud inference screenshots.

Why it was flagged

The artifact discloses a provider/model data flow involving screenshots. This is expected for cloud visual automation, but screenshots may contain sensitive information visible on the primary display.

Skill content

In cloud mode, only the primary-display screenshot is sent transiently via HTTPS for the current inference step

Recommendation

Use --local when possible, close or hide unrelated sensitive windows, and avoid cloud mode for confidential screens.

What this means

Installing the skill requires trusting the upstream Homebrew tap and released binary.

Why it was flagged

The runnable capability is provided by an external binary package rather than code included in the supplied artifacts. This is a normal install pattern, but the binary's implementation was not available for static review here.

Skill content

brew | formula: Mininglamp-AI/tap/mano-cua | creates binaries: mano-cua

Recommendation

Verify the GitHub project and release source, keep the package updated, and install only from the documented upstream.