Is matagul/desktop-control safe?

https://clawhub.ai/matagul/desktop-control

79
CAUTION

This desktop automation skill appears legitimate but provides extensive system access including screen capture, keyboard/mouse control, and clipboard operations. While appropriate for its stated purpose, these capabilities represent significant security risks if misused.

Category Scores

Prompt Injection 90/100 · 30%
Data Exfiltration 60/100 · 25%
Code Execution 75/100 · 20%
Clone Behavior 95/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 60/100 · 5%

Findings (4)

HIGH Extensive Desktop Control Capabilities -30

The skill provides comprehensive desktop automation capabilities including screen capture, mouse/keyboard control, clipboard access, and window management. While legitimate for automation purposes, these features represent significant data exfiltration and system control risks if misused.

MEDIUM Executable Python Code -15

The skill contains substantial executable Python code including desktop automation functions. The code appears legitimate as a PyAutoGUI wrapper library, but represents code execution risk.

MEDIUM High System Privilege Requirements -25

This skill requires extensive system privileges to control mouse, keyboard, screen capture, and clipboard. While appropriate for its stated desktop automation purpose, it could enable unauthorized system access or surveillance if compromised.

INFO Legitimate Desktop Automation Library -10

The code appears to be a well-structured wrapper around PyAutoGUI for desktop automation tasks with safety features like failsafe controls and approval modes.