ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Claw Use — Device Control for AI Agents

Control physical devices over HTTP with unified commands for screen reading, input actions, app launch, navigation, and audio output using the Claw Use proto...

MIT-0 · Free to use, modify, and redistribute. No attribution required.
0 · 21 · 0 current installs · 0 all-time installs
by傅洋@4ier
MIT-0
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The SKILL.md describes a coherent device-control protocol (HTTP API, cu CLI, endpoints for screen, tap, screenshot, TTS, etc.), which matches the skill name and description. However, the doc requires token-based auth (X-Bridge-Token) yet the registry metadata declares no required credentials or primaryEnv. That omission is notable: a real integration would usually declare how tokens are supplied.
!
Instruction Scope
Runtime instructions permit reading UI trees, screenshots, notifications, and performing input/launch actions — all expected for device control but high-impact. SKILL.md also contains a contradiction: Device State says 'unlock (PIN required for unlock)' but Tips state 'Auto-unlock is transparent: locked devices auto-unlock before any command.' That discrepancy affects security assumptions (automatic unlocking vs requiring PIN). The instructions do not limit or describe how sensitive data (screenshots, notifications) should be handled or transmitted.
Install Mechanism
This is instruction-only with no install spec or bundled code, which is low-risk from a supply chain perspective. The skill expects the 'cu' CLI to be installed but doesn't provide an install mechanism — acceptable but the absence of an official install source or guidance in metadata reduces transparency.
!
Credentials
The protocol requires token auth via X-Bridge-Token per the docs, but the registry metadata lists no required environment variables or primary credential. The skill also suggests optional Tailscale use for remote access (which would require separate credentials/config). Requesting no declared credentials while describing token-based auth is inconsistent and leaves unclear how secrets are expected to be supplied or stored.
Persistence & Privilege
always:false (no forced persistence). The skill can be invoked autonomously by the agent (platform default). Given this skill allows remote control of physical devices (taps, unlocks, app launches, screenshots), autonomous invocation increases risk; consider restricting autonomous use or requiring explicit user approval for commands that affect devices or capture content.
What to consider before installing
This skill appears to be a genuine device-control protocol, but a few gaps warrant caution. Before installing or enabling it: 1) Confirm how authentication tokens are provided and stored — the skill mentions X-Bridge-Token but declares no required credentials; avoid giving long-lived tokens unless you trust the implementation. 2) Clarify the unlock behavior — does the agent really auto-unlock devices, and under what conditions? Auto-unlock can let the agent access locked device contents. 3) Restrict autonomous invocation or require explicit user confirmation for sensitive actions (screenshots, reading notifications, unlocking, sending intents). 4) Only use implementations you trust (verify the cu CLI source or the device-side implementation), run device control on isolated networks when possible, and avoid exposing control ports to the public internet. 5) If the publisher can provide updated metadata (declared required credentials, install instructions, and a security/privacy page), that would reduce uncertainty and could change this assessment to benign.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.0.0
Download zip
latestvk97d8m7pttbwt8jgb81gyv8hxs8301m9

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

SKILL.md

Claw Use — Device Control for AI Agents

Give your AI agent eyes, hands, and a voice on real devices.

Claw Use is a protocol + skill for AI agents to control physical devices over HTTP. The cu CLI provides a unified interface — the same commands work across any device that implements the Claw Use API.

Supported Devices

PlatformImplementationStatus
Androidclaw-use-android✅ Available
iOSclaw-use-ios🔮 Planned
Desktopclaw-use-desktop🔮 Planned

Prerequisites

  • cu CLI installed (ships with claw-use-android, or install standalone)
  • At least one device running a Claw Use implementation
  • Device and agent on the same network (or connected via Tailscale)

Setup

# Add a device with a friendly name
cu add redmi 192.168.0.105 <token>
cu add pixel 100.80.1.10 <token>

# List devices
cu devices
# ▸ redmi  192.168.0.105  online v1.2.0
#   pixel  100.80.1.10    offline

# Switch default
cu use pixel

# Target a specific device
cu -d redmi screenshot

Core API (all platforms)

Every Claw Use implementation exposes the same HTTP endpoints:

Perception — read the device

cu screen              # UI tree (semantic: element text, bounds, state)
cu screen -c           # compact mode (interactive elements only)
cu screenshot          # visual capture (JPEG, configurable quality)
cu notifications       # system notifications
cu status              # device health dashboard

Action — control the device

cu tap <x> <y>         # tap coordinates
cu click <text>        # tap by visible text (semantic click)
cu type "text"         # type text (CJK supported)
cu swipe up|down|left|right
cu scroll up|down|left|right
cu back / cu home      # system navigation
cu launch <app>        # open an application
cu open <url>          # open URL
cu intent '<json>'     # platform-specific intent (Android)

Audio

cu tts "hello"         # speak through device speaker
cu say "你好"          # alias

Device State

cu wake                # wake screen
cu lock / cu unlock    # lock/unlock (PIN required for unlock)

Workflow Patterns

Navigate and interact

cu launch org.telegram.messenger
cu screen -c                        # see what's on screen
cu click "Search"
cu type "John"
cu click "John, last seen recently"
cu type "Hey!"
cu click "Send"

Visual + semantic dual-channel

cu screen -c                         # semantic: what elements exist
cu screenshot 50 720 /tmp/look.jpg   # visual: what it actually looks like

Multi-device orchestration

cu -d phone1 launch com.whatsapp
cu -d phone2 screenshot
cu -d tablet open "https://example.com"

For Agent Developers

Claw Use is designed as a protocol, not just an app. To add support for a new platform:

  1. Implement the Claw Use HTTP API spec
  2. Expose endpoints on a configurable port (default: 7333)
  3. Support token auth via X-Bridge-Token header
  4. Return JSON responses matching the documented schemas

The cu CLI and this skill work automatically with any compliant implementation.

Tips

  • cu screen -c is the primary perception tool — compact mode filters noise
  • cu click by text is more reliable than cu tap when text is visible
  • cu screenshot when you need visual context the UI tree can't capture
  • Auto-unlock is transparent: locked devices auto-unlock before any command
  • Combine with Tailscale for remote access from anywhere

Files

1 total
Select a file
Select a file to preview.

Comments

Loading comments…