wine desktop automation
ReviewAudited by ClawScan on May 10, 2026.
Overview
This skill appears to do what it claims—local desktop and Wine GUI automation—but it has broad control over mouse, keyboard, windows, screenshots, and Wine programs, so it should only be used for explicit trusted automation tasks.
Install only if you need local GUI/Wine automation and trust the tasks you will give it. Keep sensitive apps closed, avoid typing secrets through it, verify dependencies from trusted sources, and give precise instructions about which window or program it may control.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
An automation error could type into the wrong window, click an unintended control, close an application, or capture sensitive screen content.
The skill explicitly provides broad GUI automation, including clicking, typing, window control, closing windows, and screenshots. This matches the purpose, but mistakes or overly broad agent use could affect the wrong application.
自动化 GUI 操作(点击、输入、导航) ... 激活、最小化、最大化、关闭窗口 ... 截屏功能
Use this only for clearly specified desktop tasks, keep sensitive windows closed, and review the intended target window and actions before allowing disruptive steps.
If pointed at an untrusted executable or given unsafe arguments, the skill could run unwanted code inside the user's Wine environment.
The launcher can execute local Windows programs through Wine. This is central to the skill's stated Wine automation purpose, but it is still executable-launch authority.
cmd = [self._wine_path, executable] ... process = subprocess.Popen(cmd, ...)
Only launch trusted executables from expected paths, and avoid giving the skill broad or ambiguous instructions to run programs.
Users may need to install dependencies manually and should verify they come from trusted package sources.
The documentation requires system and Python dependencies, but the registry metadata declares no required binaries and the provided manifest does not include requirements.txt. This makes installation/review context incomplete.
sudo apt-get install wine64 xdotool wmctrl scrot pip install -r requirements.txt
Before installing, confirm the expected dependencies and prefer pinned, trusted packages. The publisher should add an install spec and include the referenced requirements/config files.
Private text, passwords, or account data typed through this skill could appear in local debug logs if logging is enabled.
The keyboard helper logs the beginning of text it types. The logger implementation is not included, so persistence and destination are unclear, but typed text could include sensitive content.
logger.debug(f'Typed text: {text[:50]}...')Avoid using the skill to type secrets, or change the implementation to redact typed text from logs.