Back to skill
Skillv1.0.0
ClawScan security
pyautogui-skill · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMar 12, 2026, 3:56 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's files, instructions, and requirements are consistent with a PyAutoGUI desktop-automation helper and do not request unrelated credentials or installs.
- Guidance
- This skill appears coherent for local desktop automation, but be aware of the inherent risks of any tool that controls your mouse and keyboard: only run these scripts from sources you trust, keep pyautogui.FAILSAFE enabled (moving the mouse to a corner aborts actions), and avoid running while sensitive windows (password managers, banking, terminals) are focused. Install Python packages in a virtualenv and verify package versions before installing. On macOS grant Accessibility permissions only to trusted Terminal/Python apps. If you plan to allow autonomous agent invocation of this skill, understand that it could simulate input without further prompts — consider limiting autonomous use if you have high-sensitivity workflows.
Review Dimensions
- Purpose & Capability
- okName/description align with the provided Python scripts and SKILL.md. Required binary (python3) and the referenced pip libraries (pyautogui, pyscreeze/Pillow) are appropriate for desktop GUI automation; no unrelated credentials or tools are requested.
- Instruction Scope
- okSKILL.md and the scripts restrict actions to mouse/keyboard movement, screenshots, image location, and shortcuts. They reference local image paths and OS permission steps (macOS Accessibility) which are expected. There are no instructions to read arbitrary system files, network endpoints, or exfiltrate data.
- Install Mechanism
- okNo install spec is provided (instruction-only), and included code files are plain Python scripts. No downloads from untrusted URLs or archive extraction are present.
- Credentials
- okThe skill requests no environment variables or credentials. The lack of secrets is proportionate to the stated purpose.
- Persistence & Privilege
- okalways is false and the skill is user-invocable; it does not request permanent presence or modify other skills. Ordinary agent autonomy settings remain unchanged.