ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Claw Mouse

v0.1.0

Control a Linux X11 desktop by taking screenshots and moving/clicking/typing via xdotool + scrot.

2· 670·2 current·2 all-time
byRylen Anil@rylena
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the implementation: the CLI wraps scrot for screenshots, xdotool for mouse/keyboard/window control, and xdg-open/gio as a URL opener. Required binaries (python3, xdotool, scrot) are exactly what the skill needs.
Instruction Scope
SKILL.md instructs use of DISPLAY and XAUTHORITY (and shows flag/ENV usage) which is necessary to access an X11 session. The instructions explicitly warn that the skill can click/type into a real desktop. There are no steps that read or transmit unrelated files or network endpoints beyond opening URLs via a local opener.
Install Mechanism
No install spec; instruction-only skill with one included Python script. Nothing is downloaded from external URLs or written to unexpected system locations.
Credentials
No credentials are declared or required. The tool uses DISPLAY and an XAUTHORITY cookie path (defaults to $HOME/.Xauthority) to interact with X11 — this is appropriate for desktop control but the XAUTHORITY cookie is sensitive because possession grants session access. The skill does not exfiltrate that file, but it does rely on it to operate.
Persistence & Privilege
always is false and there is no installation that modifies other skills or system-wide settings. The skill can be invoked autonomously by the agent (platform default); combined with desktop-control capability this increases risk in practice but is expected for such skills.
Assessment
This skill appears to do what it claims: control an X11 desktop via scrot/xdotool. However, running it (or granting an agent access to it) allows automated mouse movement, clicks, typing, window activation, and opening URLs in your real desktop session. Before installing/using: (1) review the desktopctl.py source (it's short and readable); (2) do not supply your main session's XAUTHORITY cookie to untrusted agents — prefer running in a disposable X session or VM; (3) avoid running as root or exposing sensitive windows while testing; (4) ensure xdotool/scrot are installed from your distro package repository; and (5) require explicit user confirmation for any autonomous runs that will control your real desktop.

Like a lobster shell, security has layers — review code before you run it.

latestvk972xgyy1s0k4mj1fx3mgk18g581cd66

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

Binspython3, xdotool, scrot

Comments