Windows Screenshot

Security checks across malware telemetry and agentic risk

Overview

This skill appears to do what it says—capture a Windows screenshot locally—but users should remember screenshots can contain private information and an optional example can send them to Telegram.

This looks like a straightforward local screenshot skill. Before installing or using it, understand that it captures the visible primary Windows screen and saves the image under .openclaw/media unless you choose another folder. Avoid running it while sensitive content is visible, and be careful with the optional Telegram sharing example because that would send the screenshot externally.

VirusTotal

VirusTotal findings are pending for this skill version.


Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

ASI02: Tool Misuse and Exploitation
Low
What this means

If invoked while private windows, credentials, chats, or documents are visible, those contents will be included in the screenshot.

Why it was flagged

This captures the primary screen. That is the stated purpose of the skill, but the captured screen may contain sensitive information.

Skill content

$g.CopyFromScreen($screen.Location, [System.Drawing.Point]::Empty, $screen.Size)

Recommendation

Use the skill only when you intend to capture the screen, and hide or close sensitive content first.

ASI06: Memory and Context Poisoning
Low
What this means

Sensitive screenshots may remain on disk and may be reused or shared by later workflows if the user passes the media path along.

Why it was flagged

Screenshots are saved persistently to a local media directory and the path is emitted for later handling by the agent or user workflow.

Skill content

$openclaw_media = Join-Path $env:USERPROFILE ".openclaw\media" ... $bmp.Save($path) ... Write-Output "MEDIA:$path"

Recommendation

Delete screenshots after use if they contain sensitive content, or set OPENCLAW_MEDIA_DIR to a folder you manage carefully.

ASI03: Identity and Privilege Abuse
Low
What this means

If the optional Telegram command is used, the screenshot can be sent outside the local machine to the selected Telegram recipient.

Why it was flagged

The Telegram workflow is explicitly optional and separate from the screenshot script, but it involves account credentials and external transmission of the screenshot.

Skill content

Send to Telegram (requires environment variables to be configured) ... Requires TELEGRAM_BOT_TOKEN and a user ID ... openclaw message send --channel telegram --target YOUR_USER_ID --media /path/to/screenshot.png

Recommendation

Only use the Telegram example when you intentionally want to share the image; verify the recipient ID and keep any bot token secret.