Device Control (Iyeque)
ReviewAudited by ClawScan on May 10, 2026.
Overview
The skill is mostly consistent with local device control, but it can force-close matching applications/processes and run shell commands, so it needs review before enabling agent use.
Install only if you are comfortable letting the agent change volume/brightness and open or close apps on your computer. Be especially cautious with close_app because it may force-kill matching processes; prefer asking for confirmation before any app-closing action.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
An agent could close or force-kill important apps, potentially interrupting work or causing data loss.
The close_app action uses pattern-based pkill on Linux/macOS and forced taskkill on Windows. This is purpose-related, but it can terminate multiple matching processes or unsaved work without a confirmation or preview step.
await execFilePromise('/usr/bin/pkill', ['-f', sanitizedApp]); ... await execPromise(`taskkill /IM "${sanitizedApp}.exe" /F`);Require explicit user confirmation for close_app, avoid forced termination by default, and preview or narrowly match the exact process before killing it.
The skill can run local system commands and open applications when invoked.
The skill intentionally uses local command execution to control the device and launch apps. The app name is allowlisted, so this appears purpose-aligned, but it remains a sensitive local execution capability.
const { exec, execFile } = require('child_process'); ... const subprocess = exec(`"${sanitizedApp}"`, { detached: true, stdio: 'ignore' });Only install if you want the agent to have local device-control authority, and keep the app allowlist/validation strict.
Installing the wrong or tampered nircmd.exe could introduce risk outside the reviewed skill code.
Windows volume support relies on a separately downloaded executable that is not pinned or provided by the skill. This is disclosed and optional, but users must obtain it safely.
**Windows/WSL:** `nircmd.exe` for volume control (download from nirsoft.net)
Download external binaries only from the official source, verify them where possible, and avoid placing untrusted executables earlier in PATH.