ClawHub

Desktop Automation Pro

Security checks across malware telemetry and agentic risk

Overview

This skill is a legitimate automation guide, but it gives broad control over browsers, paired devices, screenshots, local Python execution, and system-wide input without enough safety boundaries.

Install only if you intentionally want broad desktop and paired-device automation. Use it on devices and accounts you own or administer, confirm each camera, screen recording, location, command-run, screenshot, and input-simulation action before execution, and avoid using it around sensitive windows or production accounts unless you have clear controls in place.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Behavioral ASTexec() Call, eval() Call, Dynamic Import
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Vague Triggers

Medium
Confidence
90% confidence
Finding
The trigger list includes broad terms such as 'screenshot,' 'browser automation,' and Chinese equivalents that may cause the skill to activate for common user requests beyond its intended scope. Overbroad routing can expose powerful automation features in situations where the user did not intend to invoke device control, browser interaction, or GUI scripting.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill documents privacy-sensitive mobile actions including camera access, screen recording, GPS retrieval, device info, and command execution without prominent consent, authorization, or data-handling warnings. In this context, paired-device control makes the issue more dangerous because these capabilities can capture highly sensitive personal data or execute actions on another device if invoked without clear user confirmation.

Missing User Warnings

Low
Confidence
88% confidence
Finding
The skill advertises desktop and browser screenshot capabilities without warning that screenshots may capture credentials, personal messages, tokens, or other sensitive on-screen content. Because this is a desktop automation skill, the operational context increases risk: screenshot capture is central functionality and can easily collect unrelated private data from the user environment.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The native automation section explicitly instructs use of Python scripts via `exec`, global mouse/keyboard simulation, native app control, and saving screenshots to disk, but does not warn about the security implications of script execution or unintended interaction with the host system. In a desktop automation skill, these capabilities are especially sensitive because they can manipulate arbitrary applications, interfere with active sessions, and write files on the local machine.

VirusTotal

67/67 vendors flagged this skill as clean.

View on VirusTotal