ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

dekstop-control-linux

v1.0.0

Safe Linux desktop automation (mouse/keyboard/screenshot) with approval mode and X11/Wayland checks.

2· 189·0 current·0 all-time
by@pabloraka
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the code and SKILL.md. The code implements mouse/keyboard/screenshot/recording/ocr/window ops and includes environment checks for X11/Wayland. No unrelated credentials, config paths, or unexpected binaries are demanded.
Instruction Scope
SKILL.md and the code focus on GUI automation and include reading screen contents (OCR), taking screenshots, recording, and reading /tmp/.X11-unix to detect DISPLAY. Examples show supplying credentials to login_form and running without approval (require_approval=False). The instructions do not direct data to external endpoints, but the skill can capture sensitive on-screen content and interact with apps, so its scope is broad by design.
Install Mechanism
No install spec is present (instruction-only skill with an included Python module). No downloads or external installers are embedded. Runtime does require common Python packages (pyautogui, pillow, etc.) and system utilities (scrot, xclip, wmctrl, xdotool, ffmpeg) which are reasonable for the declared functionality.
Credentials
The skill requires no environment variables or secrets. It does access environment state (DISPLAY, WAYLAND_DISPLAY, XDG_SESSION_TYPE) and filesystem paths such as /tmp/.X11-unix. It can type provided passwords and read screen/clipboard contents — appropriate for automation but sensitive in practice. The declared requirements align with the functionality.
Persistence & Privilege
always:false and no code modifies other skills. However, the skill supports running with require_approval=False; combined with the platform default that allows model invocation, an agent could autonomously execute GUI actions (open apps, type, take screenshots). This is not an incoherence but is an important operational risk to consider.
Assessment
This skill does what it says: programmatic control of your Linux desktop. Before installing or enabling it, consider: (1) Only run it on machines you trust — it can capture screenshots, record the screen, read text (OCR), and type arbitrarily. (2) Keep require_approval=True unless you explicitly want automated/unattended control; examples that set require_approval=False will let the agent act without interactive confirmation. (3) Avoid embedding real credentials in presets or workflow steps you register with the skill; the skill will type whatever you give it and can replay recorded actions. (4) Review and install only the Python/system packages you trust (pyautogui, ffmpeg, wmctrl/xdotool, etc.). (5) If you want to limit risk, disable autonomous model invocation for this skill or restrict its use to supervised sessions.

Like a lobster shell, security has layers — review code before you run it.

latestvk9721f32ynanmn1jh39g24v3en82r4yr

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments