ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Nm Phantom Computer Control

v1.0.0

Automate desktop GUI workflows via Claude computer use API with screenshot capture and mouse/keyboard control

0· 41·1 current·1 all-time
by@athola
Security Scan
Capability signals
Requires sensitive credentials
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
high confidence
!
Purpose & Capability
The name/description and SKILL.md consistently describe a desktop GUI automation skill that uses Claude's Computer Use API and OS tools (xdotool, scrot, Xvfb). However, the registry metadata declares no required environment variables or binaries while the SKILL.md explicitly expects an ANTHROPIC_API_KEY (export example) and system binaries. That mismatch between claimed requirements and the actual instructions is an incoherence.
!
Instruction Scope
The SKILL.md instructs the agent to capture full-screen screenshots and perform mouse/keyboard actions (xdotool/scrot) and to supply an API key to the remote Claude/Anthropic API. Those actions are within the stated purpose but are inherently high-sensitivity (screenshots can expose private data). The file also references running Python modules (phantom.cli) and uv run, yet no code files are bundled in the skill — the instructions assume code exists externally (the GitHub repo), which is not present in the package metadata.
Install Mechanism
This is an instruction-only skill with no install spec, so nothing is written automatically to disk by the registry. SKILL.md recommends installing system packages via apt (xdotool, scrot, xclip, Xvfb) which is a normal, low-risk instruction, but installation is manual and the skill will depend on those host-level tools.
!
Credentials
The skill requires an API key (examples use ANTHROPIC_API_KEY / sk-ant-...) and will send screenshots to Claude/Anthropic, but the registry metadata lists no required env vars or primary credential. Requesting an API key and sending full-screen images is proportionate to the skill's function but the missing declaration is an important inconsistency and increases risk (possible unexpected exfiltration of screen contents if misused).
Persistence & Privilege
always is false and the skill does not request system-wide config paths or to modify other skills. Autonomous invocation is allowed by default (platform normal), which means the agent could run this skill without per-call approval — combine that with the screenshot/control capabilities and you should consider restricting agent autonomy when installing.
What to consider before installing
This skill will capture screenshots and control your mouse/keyboard via OS tools and send those interactions to Claude/Anthropic — it's powerful and can reveal private information. Before installing: 1) Confirm where the actual code lives (SKILL.md assumes code from the GitHub repo; none is bundled). 2) Expect to provide an Anthropic/Claude API key even though the registry metadata doesn't declare it; prefer skills that explicitly declare required credentials. 3) Run only in a VM/Docker sandbox or an isolated account and close all sensitive apps; test with dummy data. 4) Require human approval for any actions that have real consequences and set strict max_iterations. 5) If you need stronger assurance, ask the maintainer to (a) include explicit requires.env metadata, (b) bundle or point to a verified release artifact, and (c) provide reproducible install steps and the exact code that will run so you can audit it before use.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

🦞 Clawdis
latestvk979yk82namtsg78xx2jec52sx84w5t3
41downloads
0stars
1versions
Updated 4d ago
v1.0.0
MIT-0
@athola
latest
Download

Night Market Skill — ported from claude-night-market/phantom. For the full experience with agents, hooks, and commands, install the Claude Code plugin.

Computer Control Skill

Use Claude's Computer Use API to see and control desktop environments through screenshots and mouse/keyboard actions.

When To Use

  • Automating GUI-based workflows that lack CLI alternatives
  • Testing web applications through visual interaction
  • Filling forms, navigating menus, or interacting with desktop apps
  • Building automation pipelines that need visual verification

When NOT To Use

  • Tasks achievable through CLI or API (no GUI needed)
  • Browser automation better served by Playwright or CDP

Architecture

The computer use system has three layers:

  1. Display Toolkit (phantom.display) - executes OS-level actions via xdotool/scrot on the real or virtual display
  2. Agent Loop (phantom.loop) - manages the conversation cycle between Claude API and the display toolkit
  3. CLI (phantom.cli) - command-line interface for running tasks or checking environment readiness
User Task
    |
    v
Agent Loop  <---->  Claude API (beta)
    |                   |
    v                   v
Display Toolkit    tool_use responses
    |              (click, type, screenshot)
    v
OS Commands (xdotool, scrot)
    |
    v
Display (X11 / Xvfb / WSLg)

Quick Start

Check environment

cd plugins/phantom
uv run python -m phantom.cli --check

Run a task

export ANTHROPIC_API_KEY="sk-ant-..."
uv run python -m phantom.cli "Open Firefox and search for Claude AI"

Use in Python

from phantom.display import DisplayConfig, DisplayToolkit
from phantom.loop import LoopConfig, run_loop

result = run_loop(
    task="Take a screenshot of the desktop",
    api_key="sk-ant-...",
    loop_config=LoopConfig(
        model="claude-sonnet-4-6",
        max_iterations=10,
    ),
    display_config=DisplayConfig(width=1920, height=1080),
)

print(f"Done in {result.iterations} iterations")
print(result.final_text)

API Versions

ModelTool VersionBeta Flag
Opus 4.6, Sonnet 4.6, Opus 4.5computer_20251124computer-use-2025-11-24
Sonnet 4.5, Haiku 4.5, oldercomputer_20250124computer-use-2025-01-24

The resolve_tool_version() function handles this mapping automatically based on the model name.

Available Actions

All versions:

  • screenshot - capture display
  • left_click - click at [x, y]
  • type - type text string
  • key - press key combo (e.g., ctrl+s)
  • mouse_move - move cursor

Enhanced (20250124+):

  • scroll - scroll with direction and amount
  • left_click_drag - drag between coordinates
  • right_click, middle_click, double_click, triple_click
  • hold_key - hold key for duration
  • wait - pause between actions

Latest (20251124):

  • zoom - inspect screen region at full resolution

Safety

Computer use carries risks. Follow these guidelines:

  1. Use a sandbox: Run in Docker or a VM, not your main OS
  2. Limit access: Do not provide login credentials unless necessary, and never for banking or sensitive services
  3. Set iteration caps: Always use max_iterations to prevent runaway API costs
  4. Human approval: For actions with real-world consequences, add confirmation callbacks via on_action
  5. Close sensitive apps: Claude sees the full screen via screenshots; close anything private before starting

Environment Requirements

Linux (native or WSL2 with WSLg):

sudo apt install xdotool scrot xclip

Headless (Docker/CI):

# Install Xvfb for virtual display
sudo apt install xvfb xdotool scrot xclip
Xvfb :1 -screen 0 1920x1080x24 &
export DISPLAY=:1

Prompting Tips

  1. Be specific about each step of the task
  2. Add "After each step, take a screenshot and verify" to catch mistakes early
  3. Use keyboard shortcuts when UI elements are hard to click
  4. Provide example screenshots for repeatable workflows
  5. Set a system prompt with domain-specific instructions

Comments

Loading comments...