Midscene Automations Skills for HarmonyOS

Security checks across static analysis, malware telemetry, and agentic risk

Overview

The skill fits its HarmonyOS automation purpose, but it needs review because it can broadly control a connected device, including raw device shell commands, and may process screenshots through external model APIs.

Review this skill before installing if you will connect a real device. Prefer a dedicated test device and test accounts, trust and pin the Midscene package/provider, and instruct the agent to ask before any raw HDC shell command, deletion, account change, purchase, message sending, or other irreversible action.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.


Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

ASI02: Tool Misuse and Exploitation
High
What this means

If used on a real device, the agent could run low-level commands or make device changes beyond simple visual testing, especially if the user gives an ambiguous task.

Why it was flagged

The skill gives the agent Bash access and documents an arbitrary raw HDC shell command path to the connected device, which is broader than scoped UI automation and is not paired with clear confirmation or command-scope limits.

Skill content

    allowed-tools:
      - Bash
    ...
    ### Run a Raw HarmonyOS Shell Command
    ...
    npx -y @midscene/harmony@1 runhdcshell --command "hidumper -s RenderService -a screen"

    This is forwarded to `hdc shell` on the connected device.

Recommendation

Use only with trusted test devices, require explicit approval for raw shell commands or destructive actions, and avoid connecting personal devices with sensitive data.

ASI04: Agentic Supply Chain Vulnerabilities
Low
What this means

The user is relying on the external Midscene npm package and its updates to safely handle device control and screenshots.

Why it was flagged

The skill's main behavior depends on downloading and executing an external npm package at runtime. This is central to the stated purpose, but the package code is not included in the provided artifacts and the version is pinned only to major version `@1`.

Skill content
Automate HarmonyOS NEXT devices using `npx -y @midscene/harmony@1`.
Recommendation

Install only if you trust the Midscene package source, and consider pinning or reviewing the exact package version in controlled environments.

ASI03: Identity and Privilege Abuse
Low
What this means

A model API key may incur costs or grant access to the user's model provider account if mishandled.

Why it was flagged

The skill requires a model provider API key and related configuration. This is expected for Midscene's visual model use, but it is sensitive credential material and is not declared in the registry requirements.

Skill content

    MIDSCENE_MODEL_API_KEY="your-api-key"
    MIDSCENE_MODEL_NAME="model-name"
    MIDSCENE_MODEL_BASE_URL="https://..."
    MIDSCENE_MODEL_FAMILY="family-identifier"

Recommendation

Use a limited-scope API key where possible, store it securely, and remove it from shared project directories or logs.

ASI07: Insecure Inter-Agent Communication
Medium
What this means

Screenshots can contain private messages, account details, app data, or other sensitive information that may be sent for model inference depending on the provider configuration.

Why it was flagged

The skill's visual automation relies on screenshots and external model configuration, implying that screen contents may be analyzed by the configured model provider. This is purpose-aligned, but users should be aware of the data boundary.

Skill content

    Operates entirely from screenshots — no DOM or accessibility labels required.
    ...
    Midscene requires models with strong visual grounding capabilities.

Recommendation

Use test accounts and test devices when possible, avoid displaying secrets during automation, and review the privacy terms of the configured model provider.