GUI Automation

Pass

Audited by ClawScan on May 10, 2026.

Overview

This skill openly provides high-impact desktop automation, but the artifacts disclose the risks and recommend temporary, localhost-only use.

Install only if you intentionally want OpenClaw to control your desktop. Keep the CUA server temporary and localhost-only, verify the third-party package before installing, supervise actions, and stop the server when finished.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If the local CUA server is running, desktop actions could affect files, apps, browser sessions, or accounts visible in the user session.

Why it was flagged

This gives the agent high-impact control over the active desktop session, including the ability to interact with applications and capture screen contents.

Skill content

The server can simulate keyboard, mouse, and take screenshots

Recommendation

Run the server only when needed, keep it bound to localhost, supervise activity, and avoid using it while sensitive apps or accounts are open unless necessary.

What this means

Installing the wrong, compromised, or unexpected package version could grant desktop-control privileges to untrusted code.

Why it was flagged

The skill relies on installing a third-party package that controls the desktop; the instruction is disclosed and user-directed, but the package version is not pinned in the artifact.

Skill content

pip install cua-computer-sdk

Recommendation

Verify the package source, publisher, and version before installing; prefer a reviewed or pinned version when possible.

What this means

A local process will run with the user's normal privileges and can receive commands to automate the desktop.

Why it was flagged

The skill requires the user to run a local server process; this is central to the purpose and the artifact recommends a localhost-only, temporary setup.

Skill content

cua-server start --port 8000 --bind 127.0.0.1

Recommendation

Start it manually in the foreground when needed, stop it when finished, and do not expose the port to the network.

Note, High Confidence

ASI10: Rogue Agents

What this means

If left running in the background, the desktop-control server may remain available longer than intended.

Why it was flagged

The artifact documents a background-process option, but also says persistent/system service installation is not required and recommends temporary foreground use.

Skill content

Run in background for current session only

Recommendation

Use foreground mode where possible, record the process ID if backgrounded, and stop the server after the task is complete.