TuriX Computer Use
WarnAudited by ClawScan on May 10, 2026.
Overview
This skill is clearly meant for macOS desktop automation, but it asks for broad screen-recording and accessibility control with limited scoping, so it should be reviewed carefully before installation.
Install only if you intentionally want an agent that can see and control your Mac desktop. Verify the external TuriX repository and Python environment, grant macOS privacy permissions sparingly, supervise sensitive workflows, and remove permissions or logs when finished.
Findings (6)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If invoked on a sensitive task or misdirected, the agent could interact with apps, accounts, files, or system settings on the user’s behalf.
The skill authorizes autonomous GUI execution, which can include clicking, typing, and navigating arbitrary desktop applications. The artifacts do not define clear approval gates, app allowlists, or containment for high-impact actions.
When you need the agent to plan, reason, and execute complex tasks autonomously.
Use only for specific, supervised tasks. Avoid granting it open-ended goals, and require manual confirmation before account, payment, upload, deletion, or settings changes.
These permissions can allow the automation stack to see the screen and control the Mac, potentially including private windows, logged-in accounts, and sensitive applications.
The skill asks the user to grant broad OS-level observation and control privileges to several runtimes. That is proportionate to desktop automation, but it is high-impact and not narrowly scoped in the metadata or instructions.
Screen Recording: Add Terminal, VS COde ... Add `/your_install_dir/bin/node` ... Accessibility: Add Terminal, VS Code, Node, and `/usr/bin/python3`.
Grant these macOS permissions only if you trust the skill and the TuriX runtime. Consider using a separate macOS account or test environment and remove permissions when not needed.
The actual desktop-control code that receives powerful macOS permissions comes from outside this skill package.
The skill depends on an external repository and Python dependencies that are not included in the reviewed artifacts. This is expected for this integration, but the reviewed package does not pin or verify that external code.
Set up TuriX following the official repository: `https://github.com/TurixAI/TuriX-CUA` ... `pip install -r requirements.txt`
Inspect and pin the external TuriX repository and dependencies before use, and install them in an isolated environment.
Running the skill launches a local automation program that can act through the desktop once permissions are granted.
The helper script runs the TuriX Python application from a local Conda environment. This is central to the stated purpose and not hidden, but users should recognize that invoking the skill executes local Python code.
"$CONDA_PATH" run -n "$ENV_NAME" python examples/main.py
Review the local TuriX installation and run with `--dry-run` first if you want to verify what command will be executed.
Sensitive details from desktop tasks, such as account workflows, email context, or uploaded document names, may remain in local logs.
The skill documents local logging of execution details and LLM interactions. For desktop workflows, those logs may include sensitive task context even though the logging is disclosed.
Logs are saved to `.turix_tmp/logging.log` ... LLM interactions and reasoning
Review and delete `.turix_tmp/logging.log` after sensitive sessions, and avoid using the skill on confidential data unless the logging behavior is acceptable.
A resumed task may continue prior desktop automation context, which could be risky if the original task involved sensitive apps or accounts.
Resume behavior and agent memory are disclosed and related to the CUA workflow. They are not evidence of hidden persistence, but they do mean sessions can continue across interruptions.
The agent can resume interrupted tasks by setting a stable `agent_id`.
Use unique task IDs, avoid resuming sensitive sessions unless intended, and use the documented force-stop hotkey if behavior is unexpected.