Desktop Control

OpenClaw analysis

This appears to be a real desktop automation skill, but it gives broad control over screen, keyboard, clipboard, windows, screenshots, and app launching with limited default confirmation.

Confidence: high

VirusTotal

Type: OpenClaw Skill Name: Developer: Version: Description: OpenClaw Agent Skill Suspicious High-Entropy/Eval files: 2 The skill bundle provides extensive desktop automation capabilities, including full control over mouse, keyboard, screen, window management, clipboard, and the ability to execute commands via the Windows Run dialog (Win+R) in `ai_agent.py`. While these are high-risk capabilities, they are plausibly needed for the stated purpose of 'advanced desktop automation' and the skill includes explicit safety features like failsafe and an approval mode. There is no clear evidence of intentional malicious behavior such as data exfiltration, persistence, or obfuscation. The AI agent's planning is currently rule-based, mitigating immediate prompt injection risk for arbitrary command generation, though the underlying `DesktopController` (in `__init__.py`) offers powerful primitives.