ClawHub

Peekaboo Linux Gnome Wayland Computer Use

Security checks across malware telemetry and agentic risk

Overview

This skill openly enables unattended screenshotting and control of a GNOME desktop, but the persistent remote-control setup is broad enough that users should review it carefully before installing.

Install only on machines where you intentionally want an agent to see the desktop and control the mouse and keyboard as the logged-in user. Prefer a dedicated low-privilege account or isolated host, avoid sensitive apps on that session, keep SSH/RDP LAN- or VPN-scoped, use window-scoped capture when possible, and disable autologin, ydotoold, lingering, and RDP when not actively needed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (7)

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill documents full-desktop screenshot capture and remote retrieval over SSH without a prominent privacy warning or consent model. This can expose sensitive on-screen content such as credentials, messages, documents, and multi-monitor data, especially because the skill emphasizes unattended and remote operation.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill provides unattended input injection and UI automation against the live desktop session with no strong safety constraints. That enables accidental or unauthorized clicks, typing, confirmation of prompts, destructive file operations, or interaction with security dialogs in the user's active session.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The document provides detailed instructions to install and persist synthetic input capability via ydotool/ydotoold, including granting access to /dev/uinput and enabling a user service with lingering, but it does not present an explicit security warning about the consequences. Synthetic input gives an agent the ability to interact with the desktop as the user, approve prompts, alter security settings, and drive other applications, which materially increases compromise impact on a Wayland desktop.

Natural-Language Policy Violations

Low
Confidence
87% confidence
Finding
The guide recommends autologin to ensure unattended recovery after reboot, but this weakens local physical security by automatically creating an unlocked user session on startup. In the context of a skill whose purpose is unattended computer control, this materially lowers barriers to misuse if the machine is accessible or shared.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
This documentation gives concrete instructions for synthesized mouse/keyboard input and system-altering desktop configuration without any explicit warning about safety, scope, or operator confirmation. In the context of a desktop-control skill, that increases the chance an agent or user will apply the technique to the wrong window, trigger unintended actions, or modify system state during automated operation.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
This code saves captured screen content directly to disk, including potentially sensitive application windows, credentials, messages, or regulated data, without any runtime notice, consent check, or restrictive file-permission handling. In the context of an autonomous desktop-control skill, silent persistence materially increases privacy and data-exfiltration risk because screenshots become durable artifacts beyond transient processing.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The script invokes gnome-screenshot to capture the desktop without presenting any runtime warning that all visible content may be collected, including secrets from unrelated applications or monitors. Given this skill's purpose is unattended GNOME/Wayland computer control, that context makes the behavior more dangerous because bulk screen capture is a core capability that can be used for surveillance or collection of sensitive data without user awareness.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal