Desktop Control

OpenClaw analysis

The package is internally consistent: it implements desktop automation (mouse, keyboard, screenshots, clipboard) and its files and docs match that purpose; it does not request unrelated credentials or surprising installs, but it is powerful and can perform sensitive actions on your machine.

Confidence: high

VirusTotal

Type: OpenClaw Skill Name: Developer: Version: Description: OpenClaw Agent Skill Suspicious High-Entropy/Eval files: 2 The skill bundle provides extensive desktop automation capabilities, including full control over mouse, keyboard, screen, window management, clipboard, and the ability to execute commands via the Windows Run dialog (Win+R) in `ai_agent.py`. While these are high-risk capabilities, they are plausibly needed for the stated purpose of 'advanced desktop automation' and the skill includes explicit safety features like failsafe and an approval mode. There is no clear evidence of intentional malicious behavior such as data exfiltration, persistence, or obfuscation. The AI agent's planning is currently rule-based, mitigating immediate prompt injection risk for arbitrary command generation, though the underlying `DesktopController` (in `__init__.py`) offers powerful primitives.