Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

virtual-remote-desktop

v1.0.3

KasmVNC-based virtual desktop for headless Linux with AI-first automation and human handoff. Use when most steps are automated but a user must manually inter...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name/description match the files: scripts implement installing and running KasmVNC, providing VNC actions (click/type/screenshot) and a guided start/stop workflow. However the registry metadata claims no required env vars/binaries while the scripts expect many binaries (vncserver, vncpasswd, python3, curl, ss, sg, wget, sudo, xdotool, scrot) and use many environment settings (KASM_BIND, CHROME_PROFILE_DIR, KASM_PASS, etc.). That mismatch between declared requirements and actual needs is inconsistent and surprising.
! Instruction Scope
SKILL.md and scripts instruct the agent to install system packages, write runtime files to ~/.openclaw/vrd-data and to a chrome profile dir, create KasmVNC user/password files, and (optionally) auto-launch a browser using an existing profile/cookies. The scripts read/write local browser cookie/profile paths and runtime secrets (kasm user/password files), and will expose a VNC URL + username/password to the human for handoff. The instructions do not request external tokens, but they do access local sensitive data (browser profile, cookies) which is within scope for a remote-desktop tool but should be explicitly declared.
Install Mechanism
install_kasmvnc.sh fetches a release asset via the GitHub releases API and downloads the .deb using wget — GitHub releases is a reasonable source. However, the embedded Python uses the 'requests' module (not installed/checked), so the installer can fail silently or produce an empty ASSET_URL. The installer requires sudo and runs apt-get to install the downloaded package and runtime deps, which is a moderate-risk install mechanism and requires user privilege.
! Credentials
The registry claims no required env vars/credentials, but scripts accept and use many environment variables controlling bind address, profile paths, passwords, and browser behavior. The installer and runtime may add the user to the 'ssl-cert' group (to access TLS key), which is a privileged change. The skill also reads/writes browser profile and cookie files (CHROME_PROFILE_DIR/Default/Cookies) — accessing these is sensitive and should be declared and limited. Overall requested/used environment access is broader than the metadata indicates.
Persistence & Privilege
always:false (good). The skill performs one-time install steps requiring sudo and may add the user to the ssl-cert group (permanent group membership change), and writes runtime files under ~/.openclaw/vrd-data and a KASM_HOME. It does not request to always be loaded or modify other skills. The use of sudo and group modification increases blast radius and should be considered before install.
What to consider before installing
- The code will attempt to download and install a KasmVNC .deb from GitHub and uses sudo/apt — only run on machines you control or in an isolated VM.
- The installer uses an embedded Python snippet that imports 'requests' but the script does not ensure the module exists; the install may fail unexpectedly.
- The install may add your user to the 'ssl-cert' group so the service can use TLS keys — this grants access to system TLS private key files and is a privilege change.
- The skill reads/writes browser profile and cookie files (CHROME_PROFILE_DIR/Default/Cookies) and stores runtime secrets under ~/.openclaw/vrd-data; if you keep real login profiles there you may expose session cookies to the remote desktop/human handoff.
- Metadata understates actual requirements (binaries/env vars). Expect to need vncserver/vncpasswd, python3, wget, curl, ss/sg, xdotool, scrot, sudo.

Recommendations: review scripts line-by-line, run initially in a disposable VM/container, verify the downloaded .deb URL before installing, do not point CHROME_PROFILE_DIR at sensitive live profiles, and ensure you trust the source. If you need help hardening the flow (e.g., avoid adding ssl-cert group, require manual review of downloaded asset), ask and I can suggest changes.
