Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Desktop Control
v1.0.0Advanced desktop automation with mouse, keyboard, and screen control
⭐ 292· 45.5k·397 current·427 all-time
by@matagul
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description, SKILL.md, and the included Python code all describe and implement desktop automation (pyautogui-based mouse/keyboard control, screenshots, window management, clipboard). There are no unrelated environment variables, binaries, or install steps requested that would be inappropriate for this purpose.
Instruction Scope
Runtime instructions and code operate within the expected scope: moving/clicking the mouse, typing keys, taking screenshots, finding images on screen, and reading/writing the clipboard. These actions are sensitive (can capture screen contents and clipboard) but are directly relevant to the stated functionality; I saw no instructions to read unrelated system files, environment variables, or to send data to external endpoints.
Install Mechanism
No automatic install spec is included. SKILL.md instructs the user to pip install reasonable dependencies (pyautogui, pillow, opencv-python, pygetwindow, pyperclip) — conventional for this functionality. There are no downloads from untrusted URLs or extract/install steps in the skill metadata.
Credentials
The skill does not request any environment variables, keys, or credentials. The operations (desktop control, screenshots, clipboard) do not require cloud credentials and none are declared, which is proportionate to its purpose.
Persistence & Privilege
always is false and there are no install hooks that persist automatically. However, the package includes an autonomous AIDesktopAgent class and the platform default allows model invocation (disable-model-invocation=false). That means an agent could invoke this skill autonomously to control the desktop — a normal platform capability but one that increases risk because the skill can take screenshots and control input.
Assessment
This skill appears to be what it claims: powerful desktop automation using pyautogui. Before installing or running it, consider the following:
- Understand the power: it can move your mouse, type, press hotkeys, capture screenshots, and read/modify the clipboard — all of which can expose sensitive data or cause actions on your machine. This is expected behavior for a desktop-automation skill, not a hidden backdoor.
- Prefer running in a safe environment: test in a disposable VM, non-production account, or on a system without sensitive documents open. Close important apps before running demos.
- Use safety options: enable failsafe (move mouse to corner to abort) and set require_approval=True if you want manual confirmation for each action. Review demos before running them.
- Beware of autonomous invocation: if you allow the agent to invoke skills autonomously, it could run sequences without your interactive confirmation. If you do not trust the skill/user code, disable autonomous invocation or only allow manual/user-invoked runs.
- Review the code: if you plan to run this long-term, inspect the full ai_agent.py and any truncated parts for network calls or code that might upload screenshots/clipboard data. The provided fragments show no network exfiltration, but the files were truncated in places — verify the remaining code sections yourself.
- Install dependencies from official sources and avoid running unknown binaries. If you need to grant broader privileges (e.g., run as admin), reconsider usage.
If you want, I can scan the remaining truncated portions (full ai_agent.py and __init__.py) for any network calls, hidden endpoints, or suspicious behaviors to raise confidence further.Like a lobster shell, security has layers — review code before you run it.
latestvk977ba9ex3zwfbe3pejrdvtd6180kxft
License
MIT-0
Free to use, modify, and redistribute. No attribution required.