Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

System Controller

v1.0.0

Control Windows desktop software, hardware, and IoT devices. This skill should be used when the user wants to open/close/resize windows, start/stop/monitor p...

by 波动几何 @wangjiaocheng
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name/description claim Windows desktop, hardware, serial, and IoT control; the included scripts (window_manager, process_manager, hardware_controller, serial_comm, iot_controller, gui_controller) implement exactly those capabilities. Minor incoherence: SKILL.md and scripts assume Windows-only behavior (PowerShell, Win32 APIs) but registry metadata lists no OS restriction.
Instruction Scope
SKILL.md instructs the agent to run the shipped Python scripts via a managed Python path and to always ask for confirmation before destructive actions. The scripts themselves implement a wide range of actions (process kill, shutdown, network adapter disable, screenshots, OCR, serial comm). The agent must enforce the promised confirmation steps — nothing in the scripts forces user confirmation. The SKILL.md also hard-codes an example Python path under C:\Users\wave which may not exist on other hosts (likely a template artifact).
Install Mechanism
There is no registry install spec, but the scripts perform runtime dependency installation (pip install) for pyautogui, pillow, requests, pyserial, etc. Installing PyPI packages at runtime is common here but raises supply-chain risk (malicious or compromised packages). No downloads from unknown custom hosts were detected.
Credentials
The skill declares no required environment variables or credentials (ok), but it can collect detailed local info (process list, system/network info, USB devices, screenshots) and includes a generic HTTP client (iot_controller.http_* and Home Assistant support) that can send requests to arbitrary URLs. Combining local data collection with the ability to POST to arbitrary endpoints is a high-risk capability if misused or invoked without strict user confirmation or network restrictions.
Persistence & Privilege
The skill does not set always:true and does not request system-wide config or other skills' credentials. It will run only when invoked. It does write screenshot files under the skill path when taking screenshots (normal for this functionality).
What to consider before installing
This skill is functionally coherent for controlling Windows apps, hardware, serial devices, and local IoT, but it comes with significant power: it can list processes and hardware, take screenshots, install Python packages at runtime, and make arbitrary HTTP requests. Before installing:
1) Inspect the code yourself (you have the scripts) to verify no hard-coded external endpoints or data-exfiltration logic;
2) Only run it in a trusted, isolated environment (or restrict its network access) if you plan to allow it to make HTTP requests;
3) Ensure the agent enforces explicit user confirmation for any destructive action (shutdown, kill, disable network);
4) Consider preventing runtime pip installs or pre-provisioning required packages from trusted sources;
5) If you don't need generic HTTP or system-info collection, prefer a narrower skill or ask for a version that restricts network destinations and sensitive reads.

Like a lobster shell, security has layers — review code before you run it.
