Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

openclaw-computer

v1.0.0

Enable OpenClaw to control and use the computer like a human. Use when: (1) User asks to open applications or files, (2) User needs to automate desktop tasks...

by Ache @zhmza
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Benign (medium confidence)
Purpose & Capability
Name/description match the included code and runtime instructions: the package implements GUI automation, screenshots, recording, file management and process control. The only minor incoherence is that registry metadata declared no required binaries/env but the documentation and code clearly depend on many system tools (xdotool, scrot, wmctrl, xclip, ffmpeg) and Python packages; this is an omission in metadata but not a functional mismatch.
Instruction Scope
SKILL.md and included scripts direct the agent to install system packages, copy files into ~/.openclaw, create config/log files, run test.sh, and execute commands that enumerate, launch, kill and delete processes/files. Those actions are within the stated scope (controlling the desktop and managing files), but they grant broad local access — the instructions and scripts will read/modify home directories and can execute arbitrary binaries. The runtime instructions do not request unrelated secrets or external endpoints.
Install Mechanism
There is no formal install spec in the registry (instruction-only), which is lower-risk, but SKILL.md recommends installing system packages and optionally git-cloning from https://github.com/openclaw/openclaw-computer-use.git. The code files are already present in the package, so the git clone suggestion is redundant; relying on an external GitHub clone would add network/trust risk. Installing system packages requires sudo and adds surface area (ffmpeg, xdotool, etc.).
Credentials
The skill requests no environment variables or external credentials (good). It does create and use files under $HOME/.openclaw and ~/Screenshots and operates on arbitrary filesystem paths (copy/move/delete). Those capabilities are proportional to a desktop-control skill but are powerful — file deletion and process-killing functionality is implemented and should be treated as high-privilege for local safety.
Persistence & Privilege
always:false (no forced global inclusion). The skill writes config/log files under ~/.openclaw but does not request elevated persistent platform privileges in the manifest. It can run arbitrary commands while invoked, which is expected for this functionality.
Assessment
This skill appears to do what it claims: controlling mouse/keyboard, taking screenshots, recording, launching/killing apps and managing files. Before installing or running it: (1) review the included scripts (computer-use.sh, computer_use*.py) yourself — they invoke shell commands and can delete/move files and kill processes; (2) avoid running install/test steps with sudo on a production machine — use a disposable VM or sandbox first; (3) if you follow the SKILL.md git clone path, verify the remote repository and its integrity; (4) note that metadata omitted required system binaries (xdotool, scrot, wmctrl, xclip, ffmpeg), so ensure you only install the exact dependencies you trust; (5) if you need least privilege, restrict uses (don’t allow destructive commands) or run under a user account with limited access. If you want, I can highlight risky functions/lines in the code to inspect more closely.

Like a lobster shell, security has layers — review code before you run it.
