ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Computer Takeover

v1.0.0

Full unattended remote control of paired devices (nodes) — screen capture, file management, shell commands, app control, camera, notifications, and process m...

0· 44·1 current·1 all-time
by@fuzzyb33s
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The name and description claim full unattended remote control (screen, camera, shell, files, location, pairing). The SKILL.md contains commands that would perform those actions, so the capability matches the description — but the skill requests no credentials, no config paths, and provides no install or source code. For a capability that requires device pairing and gateway auth, the lack of declared auth/credential requirements or a provenance/homepage is disproportionate and unexplained.
Instruction Scope
Instructions explicitly tell the agent how to list nodes, run remote shells, capture screen/camera, read notifications and location, and manage files/processes. Those instructions are tightly scoped to remote-control tasks and do not, in themselves, ask the agent to read unrelated local files or exfiltrate data to arbitrary endpoints. However, the instructions do not describe consent, auditing, or safety checks for highly sensitive actions (camera, location, unattended shell/pairing), which is a meaningful omission.
Install Mechanism
This is an instruction-only skill with no install spec and no included code files — from an install-risk perspective nothing is written to disk by the skill. That reduces one class of supply-chain risk, but does not address the missing provenance/credentials issues.
!
Credentials
The skill requires highly sensitive capabilities (remote shell, camera, location, pairing) but declares no environment variables, credentials, gateway URLs, or config paths. A remote-takeover tool normally requires explicit credentials, tokens, or documented pairing/authentication flows; their absence is incoherent and increases the chance that the skill depends on implicit platform privileges or undisclosed mechanisms.
!
Persistence & Privilege
The skill is not set to always:true (good), but it enables autonomous invocation by default (platform default). Combined with the skill's invasive capabilities and lack of explicit auth/consent documentation, autonomous invocation materially increases risk: the agent could perform sensitive actions without the user fully understanding what permissions or audit controls are in place.
What to consider before installing
This skill claims full unattended control of other devices but provides no source, no homepage, and no explanation of how devices are authenticated or paired. Before installing: (1) ask the publisher for source code or an auditable implementation and a public homepage; (2) confirm exactly how pairing and gateway authentication work and require explicit, per-device user consent; (3) require scoped tokens/credentials and audit logging so actions are attributable; (4) do not enable autonomous invocation for this skill until you understand who can trigger it and how approvals are enforced; (5) if you cannot obtain clear provenance and an auth model, avoid installing — the capability is extremely sensitive and the current package lacks necessary safeguards.

Like a lobster shell, security has layers — review code before you run it.

device-controlvk97371z9w4577ft6xxdst0hf7584npcslatestvk97371z9w4577ft6xxdst0hf7584npcsremote-accessvk97371z9w4577ft6xxdst0hf7584npcsunattendedvk97371z9w4577ft6xxdst0hf7584npcs
44downloads
0stars
1versions
Updated 1w ago
v1.0.0
MIT-0
@fuzzyb33s
device-controllatestremote-accessunattended
Download

Computer Takeover

Unattended remote control of paired OpenClaw nodes. Controls the remote device as if physically sitting in front of it — no user presence required on the remote end.

Core Capabilities

  1. Device Intelligence — List nodes, get device info, health, permissions, battery, storage, network
  2. Screen Capture — Snapshot or record the remote screen in real-time
  3. Camera Access — Snap photos or record clips from front/back camera
  4. Shell Execution — Run commands, scripts, and PowerShell/Bash on the remote device
  5. File Management — Browse, read, write, delete files on the remote device via shell
  6. App Control — Install, launch, close, list installed apps
  7. Process Management — List running processes, kill processes, monitor CPU/memory
  8. Notifications — Read notifications, trigger actions or replies
  9. Input Injection — Type text, simulate clicks, keypresses (via shell automation)
  10. Location — Get GPS coordinates (if device supports it)
  11. Device Pairing — Initiate pairing or manage existing pairings

Quick Start

Always start by listing available nodes to find the target device:

nodes(action="status")

Then describe the node to confirm it's the right one:

nodes(action="describe", node="<node-id>")

Capability Details

Device Intelligence

nodes(action="status")           // List all paired nodes
nodes(action="device_info", node="<id>")
nodes(action="device_health", node="<id>")
nodes(action="device_permissions", node="<id>")
nodes(action="device_status", node="<id>")  // battery, storage, network

Screen

nodes(action="screen_record", node="<id>", outPath="C:/temp/screen.mp4", durationMs=30000)
nodes(action="photos_latest", node="<id>", limit=5)  // screenshots stored as photos

For live screen viewing, use the canvas tool with target="node" and the node's gateway URL.

Camera

nodes(action="camera_snap", node="<id>", facing="front|back")
nodes(action="camera_clip", node="<id>", facing="front|back", durationMs=10000)

Shell Execution

Use nodes(action="invoke", node="<id>", invokeCommand="<command>", invokeParamsJson="{}").

Windows (PowerShell):

{
  "invokeCommand": "powershell",
  "invokeParamsJson": "{\"command\": \"Get-Process | Select -First 10 Name, CPU, WorkingSet\"}"
}

Android (adb):

{
  "invokeCommand": "adb",
  "invokeParamsJson": "{\"command\": \"shell dumpsys battery\"}"
}

Linux/macOS (SSH-style):

{
  "invokeCommand": "bash",
  "invokeParamsJson": "{\"command\": \"ls -la /tmp | head -20\"}"
}

File Management (via Shell)

# Windows: list directory
nodes(action="invoke", node="<id>", invokeCommand="powershell", invokeParamsJson="{\"command\": \"Get-ChildItem C:/Users/ -Depth 1 | Format-Table Name, Length, LastWriteTime\"}")

# Windows: read file
nodes(action="invoke", node="<id>", invokeCommand="powershell", invokeParamsJson="{\"command\": \"Get-Content C:/temp/log.txt -Tail 50\"}")

# Windows: write file
nodes(action="invoke", node="<id>", invokeCommand="powershell", invokeParamsJson="{\"command\": \"Set-Content -Path C:/temp/output.txt -Value 'Hello from remote'\"}")

App Control

nodes(action="invoke", node="<id>", invokeCommand="powershell", invokeParamsJson="{\"command\": \"Start-Process notepad\"}")  // launch
nodes(action="invoke", node="<id>", invokeCommand="powershell", invokeParamsJson="{\"command\": \"Get-Process | Where Name -eq 'notepad' | Stop-Process\"}")  // close
nodes(action="invoke", node="<id>", invokeCommand="powershell", invokeParamsJson="{\"command\": \"winget install Microsoft.PowerToys --silent\"}")  // install

Process Management

nodes(action="invoke", node="<id>", invokeCommand="powershell", invokeParamsJson="{\"command\": \"Get-Process | Sort CPU -Descending | Select -First 20 Name, Id, CPU, @{N='MEM_MB';E={[math]::Round($_.WorkingSet/1MB,1)}} | Format-Table -AutoSize\"}")

Notifications

nodes(action="notifications_list", node="<id>", limit=20)
nodes(action="notifications_action", node="<id>", notificationKey="<key>", notificationAction="open|reply|dismiss")

Location

nodes(action="location_get", node="<id>", desiredAccuracy="precise")

Node Pairing

To pair a new device, use the node-connect skill and follow the pairing flow. Pairing requires the device to have the OpenClaw companion app installed and connected to the same gateway.

Workflow: Full Takeover Session

  1. nodes(action="status") — find the node ID
  2. nodes(action="device_info", node="<id>") — confirm device name/type
  3. nodes(action="screen_record", node="<id>", ...) or canvas tool — see what they're doing
  4. Run commands as needed via nodes(action="invoke", ...)
  5. Transfer files via base64 encoding through shell or direct path sharing

Important Notes

  • Timeout: Default invokeTimeoutMs is 30000ms. Increase for long-running commands.
  • Elevation: Some operations (installing apps, killing system processes) may need elevated permissions on the remote device.
  • Safety: Always confirm the target node before running destructive commands (delete files, kill processes, etc.).
  • Gateway URL: For canvas tool with remote screen, the node must have gateway.remote.url configured and accessible.

References

  • Full nodes tool docs: see OpenClaw tool reference for all actions and parameters
  • Node pairing guide: see node-connect skill for setup troubleshooting
  • Gateway configuration: gateway.remote.url in OpenClaw config controls accessibility

Comments

Loading comments...