Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Xdotool Control
v1.0.0
Mouse and keyboard automation using xdotool. Use when clicking Chrome extension icons, typing into GUI apps, switching browser tabs, automating desktop UI, o...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidence
Purpose & Capability
Name/description (xdotool-based desktop automation) match the included scripts and SKILL.md. All required commands (xdotool, scrot, optional ImageMagick) are appropriate for the claimed tasks. There are no unrelated cloud credentials, external APIs, or binaries requested that would be inconsistent with a GUI automation skill.
Instruction Scope
Instructions stay within desktop automation: finding windows, focusing, moving mouse, typing, taking screenshots, and using template-matching. A few items warrant attention: (1) the SKILL.md explicitly suggests 'Read screenshots with Claude's Read tool' — using the model to read screenshots may upload sensitive GUI content to the external model service; (2) there's a small snippet to send a 'Yes' into a tmux session (automating acceptance for a 'claude-session'), which can be used to approve prompts or automated flows — this is powerful and could be abused if misused. Otherwise the runtime steps are explicit and limited to local interactions.
Install Mechanism
This is an instruction-only skill with bundled scripts — no install spec that fetches remote code. All code is provided in the bundle; runtime depends on common distro packages (xdotool, scrot, imagemagick). No downloads from arbitrary URLs or archive extraction were found.
Credentials
The skill requests no environment variables, credentials, or config paths. The scripts only read local window state and write screenshots to /tmp. No secret-typed environment variables are required or referenced.
Persistence & Privilege
always is false and the skill does not request elevated/system-wide persistence. It does include an optional tmux automation pattern that targets a session named 'claude-session', but this operates at the user level and does not alter other skills or global agent config.
Assessment
This skill appears to be what it claims — a local Linux desktop automation helper using xdotool — but it gives the agent the ability to move the mouse, send keystrokes, and take screenshots. Before installing or enabling it, consider:
1) Only install if you trust the skill owner and you need local GUI automation.
2) Review the included scripts (they are bundled and readable) and do not run them as root.
3) Be cautious about using the skill together with any model-image-reading tool: screenshots saved to /tmp may contain passwords, auth cookies, or other sensitive UI state and may be transmitted to the model service when you use the 'Read' tool.
4) Note the tmux approve snippet — it can programmatically send confirmations into sessions (e.g., 'Yes' to a claude-session); ensure that's acceptable in your environment.
5) Because SKILL.md references an absolute path (~/.openclaw/workspace/skills/xdotool-control/...), confirm where your platform will place scripts so the sample invocations work.
If you want additional assurance, run the scripts in a sandboxed user account or VM first, and avoid enabling autonomous invocation if you don't want the agent to trigger GUI actions without explicit user requests.
Like a lobster shell, security has layers — review code before you run it.
