Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Deskuse
v0.1.0
Top-level cross-platform computer-use skill that bundles standalone macOS, Windows, and Linux runtimes with zero local Claude dependency and selects the corr...
by @wimi321
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The name/description say it's a top-level cross-platform computer-use skill bundling macOS/Windows/Linux runtimes; the package contains platform-specific projects (macos/windows/linux), Python helpers, and TypeScript runtimes that implement screenshots, synthetic input, app/process discovery, and an MCP server. These capabilities are consistent with the stated purpose.
Instruction Scope
Runtime instructions describe selecting/building the platform project and running the included runtime, which fits the intent. However there are a few mismatches in the docs/instructions: the SKILL.md shows '~/.codex/skills/deskuse' as the installed root but many platform READMEs and examples refer to '~/.codex/skills/computer-use-linux' (different bundled-skill names). SKILL.md (and its 'Platform selection' section) references a PowerShell script ($HOME/.codex/skills/deskuse/scripts/current-project.ps1) that does not appear in the file manifest (only .sh and .mjs scripts are present). The code and README make clear the runtime will enumerate processes, read process exe paths, capture screenshots, access the clipboard, and synthesize input — all expected for this functionality but high-sensitivity actions that must be limited to trusted local hosts. The instructions do not request secrets, but they give wide discretion to read local UI state and control input.
Install Mechanism
There is no automated install spec in the registry metadata (instruction-only), but the bundle contains full project source. Build/run requires 'npm install' (Node packages from npm) and first-run Python virtualenv creation with pip installing requirements from runtime/requirements.txt. These are normal for such a runtime but do pull public packages from registries — moderate risk and worth auditing dependencies before running.
Credentials
The skill declares no required environment variables or credentials. It does reference optional env flags like CLAUDE_COMPUTER_USE_* and reads CODEX_THREAD_ID when creating locks. No unexpected secret-bearing vars or unrelated credentials are requested.
Persistence & Privilege
The skill is not set to always:true and does not request platform-wide privileges in the manifest. Runtime behavior will create local state (virtualenv, lock file under ~/.linux-computer-use-skill or copied project under ~/.codex/skills/...) and will run processes that control the desktop and capture screenshots. Because it can automate input and capture the display/clipboard/process list, it has a high privilege/impact at the host level — the SKILL.md even recommends treating the host as 'trusted-local only.'
What to consider before installing
This package appears to be a genuine cross-platform desktop-automation skill, but it grants powerful local capabilities (screenshots, clipboard read/write, mouse/keyboard synthesis, process and installed-app enumeration). Before installing or running it:
- Treat any machine you run this on as trusted-local only. Don't install on a machine containing secrets you can't risk being captured by screenshots/clipboard.
- Audit the code you will run (start with project/platforms/<platform>/runtime/*.py and the TypeScript 'pythonBridge' / 'executor' code). Look for unexpected network calls, hard-coded endpoints, or subprocess execs that could exfiltrate data.
- Verify the scripts referenced in SKILL.md actually exist (PowerShell script mentioned is missing from the manifest). Fix documentation mismatch before automated usage.
- Review package.json and runtime/requirements.txt to inspect third-party deps; consider installing in an isolated VM or sandbox first.
- Because the project bootstraps a virtualenv and installs Python packages on first run, prefer to run those steps manually in a controlled environment so you can review what will be installed.
- If you need higher assurance, run the runtime inside a disposable VM and observe network activity/IO during first-run bootstrap and while exercising features.
Confidence is medium because the bundle contents align with the claimed purpose, but the documentation inconsistencies and the inherently high-sensitivity nature of desktop-control justify caution.
project/platforms/linux/src/lib/execFileNoThrow.ts:9
Shell command execution detected (child_process).
project/platforms/macos/dist/lib/execFileNoThrow.js:4
Shell command execution detected (child_process).
project/platforms/macos/src/lib/execFileNoThrow.ts:9
Shell command execution detected (child_process).
project/platforms/windows/src/lib/execFileNoThrow.ts:9
Shell command execution detected (child_process).
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.
Like a lobster shell, security has layers — review code before you run it.
