Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Windows Native Dialog
v1.0.2
Handles native Windows file picker dialogs from WSL2 using exec and PowerShell
by @owlock
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The name/description (handle native Windows file pickers from WSL2 via exec+PowerShell) matches the instructions: it uses /mnt/c/.../powershell.exe to run a Windows-side python script. However, the skill metadata declares no required binaries while the runtime instructions clearly rely on powershell.exe and a Windows Python interpreter/script — these should have been declared.
Instruction Scope
Runtime instructions explicitly tell the agent to execute a Windows PowerShell command that runs a local python script (C:\path\to\script.py). That requires reading/executing arbitrary files on the host and gives the agent the ability to run any code on the Windows side. The SKILL.md also instructs setting tools.allow to include group:fs and group:runtime, broad permissions that enable file access and arbitrary command execution. The instructions do not specify where script.py comes from or require the user to vet its contents.
Install Mechanism
There is no install spec and no files beyond SKILL.md, so nothing is written to disk by the skill itself. This lowers installation risk.
Credentials
The skill requests (in SKILL.md) enabling broad tool groups (browser, runtime, fs, web) to work, but the registry metadata lists no required env vars or binaries. Asking for filesystem and runtime execution rights is proportionate to the stated goal, but it is a sensitive capability and should be clearly declared and justified in the metadata and documentation.
Persistence & Privilege
The skill is not always-enabled and does not request persistent presence or modify other skills' configs. Autonomous invocation by the agent is allowed (platform default), but that is not by itself a problem.
What to consider before installing
This skill will ask the agent to run Windows-side PowerShell commands from WSL2 that execute a local Python script. That gives the agent the ability to run arbitrary code on your Windows host and access files. Before installing or using it: (1) verify and inspect any script referenced (C:\path\to\script.py) — do not run unknown scripts; (2) prefer the skill declare required binaries (powershell.exe, python) and the exact commands it will run; (3) only enable the requested tool groups (fs/runtime) for this skill if you trust it and have reviewed the scripts; (4) consider running this workflow in an isolated/test environment rather than a primary machine. The metadata omission (no required binaries listed) and the broad runtime/fs permissions are why this skill is suspicious rather than clearly benign.
Like a lobster shell, security has layers — review code before you run it.
