Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Linux System Controller
v1.0.0Linux系统控制能力包;当用户需要控制桌面窗口、管理进程、调整音量亮度、管理电源网络、与串口设备通信、控制智能家居设备、进行鼠标键盘自动化、截图OCR或视觉识别时使用
⭐ 0· 54·0 current·0 all-time
by波动几何@wangjiaocheng
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
OpenClaw
Suspicious
medium confidencePurpose & Capability
Name/description align with the provided scripts: window/process/hardware/serial/IoT/GUI controllers. The functionality requested (window management, process control, serial comms, IoT HTTP calls, GUI automation) is coherent with the skill purpose and there are no unrelated required environment variables or hidden cloud credentials.
Instruction Scope
SKILL.md mandates user confirmation for destructive operations (shutdown, reboot, kill, disable network) and 'list before operate' rules, but the included scripts do not implement or enforce interactive confirmation checks — an agent that invokes these scripts could run destructive commands without programmatic confirmation. The IoT module and generic HTTP functions allow requests to arbitrary endpoints/URLs with arbitrary headers/body (expected for IoT use, but also usable for exfiltration if misused).
Install Mechanism
There is no formal install spec (instruction-only), but SKILL.md and the scripts perform on-demand installation: apt-get is suggested in dependencies and multiple scripts call pip install at runtime. Runtime pip installs and apt-get commands may require elevated privileges or network access; they write to disk and install packages — moderate risk but consistent with a system-control skill.
Credentials
The skill declares no required environment variables or credentials. Home Assistant / IoT access is implemented to accept user-provided URLs and tokens at runtime (passed as CLI args), which is proportionate to the stated IoT functionality.
Persistence & Privilege
always:false (good) but the default agent-autonomy (disable-model-invocation:false) plus powerful system-level operations (process kill/start, network enable/disable, power management, GUI automation, arbitrary HTTP) increases the potential blast radius if invoked autonomously. The SKILL.md safety rules rely on agent behavior rather than code-enforced safeguards.
What to consider before installing
This skill provides wide-ranging control of a Linux desktop and devices (processes, network adapters, shutdown/restart, USB/serial, GUI automation, and arbitrary HTTP calls). That capability is consistent with its name, but note two practical risks: (1) SKILL.md says the agent must confirm destructive actions, yet the scripts themselves do not require or enforce explicit confirmations — an agent could run destructive commands if instructed. (2) The scripts install pip packages at runtime and suggest apt-get installs (which may need sudo), and the IoT/http modules can call any URL you provide (so a malicious prompt could be used to send data out). Before installing: review the source files yourself or run the skill in a disposable VM; disable autonomous invocation or require manual approval for any actions that change system state; avoid providing long-lived tokens unless you trust the source; and prefer running these scripts under a restricted account or container to limit potential damage.Like a lobster shell, security has layers — review code before you run it.
latestvk9755q7bc25px72gteh9tnhbv5848hk3
License
MIT-0
Free to use, modify, and redistribute. No attribution required.