Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Computer Use Windows
v0.1.1Top-level Windows computer-use skill with a bundled standalone runtime that bootstraps itself without any local Claude installation, private native modules,...
⭐ 0· 54·0 current·0 all-time
by@wimi321
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidencePurpose & Capability
The name/description (Windows computer-use skill with bundled standalone runtime) matches the included files: a Node TypeScript tool layer and a Python Windows helper that performs screenshots, window enumeration, input control (pyautogui), registry reads, and app/process inspection. There are no declared env vars or unrelated credentials required.
Instruction Scope
SKILL.md instructs building the bundled project (npm install, npm run build) and running node dist/cli.js; the runtime auto-creates a Python virtualenv and installs requirements. The actions the code performs (screenshots, clipboard access, mouse/keyboard control, registry reads) are within the stated purpose. Note: these capabilities allow capture of screen/clipboard and remote agent-driven input — SKILL.md does not (and cannot) prevent an agent from capturing and transmitting sensitive local data once allowed.
Install Mechanism
No install spec is declared for the platform; SKILL.md expects you to run npm install and npm build and the runtime will pip-install standard public Python packages from PyPI (mss, pyautogui, Pillow, psutil, pywin32). All installs are from well-known package registries (npm/PyPI); there are no obscure download URLs or remote extract steps in the manifest. This is normal but means network fetches will occur at build/first-run.
Credentials
The skill declares no required env vars or credentials. Example MCP config uses non-sensitive flags (debug, coordinate mode). The bundle does create local config/lock files under the user's home directory and reads the Windows registry for app info — behavior expected for app/window discovery and coherent with the skill's purpose.
Persistence & Privilege
The skill is not 'always' enabled and does not request system-wide config changes. It runs as a user-level MCP server and writes a venv and a local lock file under the user's profile. However, because it can autonomously be invoked by an agent (default platform behavior) and it controls the desktop and can capture screenshots/clipboard, this is a high-privilege capability — run only where you trust the agent and policies that gate screenshot/exfiltration.
Assessment
This package is internally consistent with its stated purpose, but it grants powerful local privileges (screenshots, clipboard access, mouse/keyboard, registry and process enumeration). Before installing or running it: 1) only run on a Windows machine you control or in an isolated VM; 2) review runtime/windows_helper.py and the TypeScript server code yourself (they perform registry reads, base64-encode screenshots, and expose JSON over stdio/MCP); 3) be aware npm install and first-run pip installs will fetch public packages from npm/PyPI; 4) ensure your agent's MCP gating/policy prevents automatic exfiltration of screenshots/clipboard or requires explicit user confirmation for sensitive actions; 5) prefer running first in a sandboxed/test environment and verify the upstream source (GitHub/ClawHub link) and signatures if you must deploy to production.project/src/lib/execFileNoThrow.ts:9
Shell command execution detected (child_process).
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.Like a lobster shell, security has layers — review code before you run it.
automationvk971vkcsz3vzkqt1s8aj1bgszs841htrcomputer-usevk971vkcsz3vzkqt1s8aj1bgszs841htrlatestvk971vkcsz3vzkqt1s8aj1bgszs841htrmcpvk971vkcsz3vzkqt1s8aj1bgszs841htrskillvk971vkcsz3vzkqt1s8aj1bgszs841htrwindowsvk971vkcsz3vzkqt1s8aj1bgszs841htr
License
MIT-0
Free to use, modify, and redistribute. No attribution required.