📦 Computer Takeover — 远程接管电脑
v1.0.0对配对设备(节点)进行无人值守的远程全控:截屏、文件管理、Shell命令、应用操控、摄像头、通知及进程管理。
0· 44·1 当前·1 累计
by 下载技能包
最后更新
2026/4/11
安全扫描
OpenClaw
可疑
medium confidenceThe skill's stated capability (full unattended remote control) matches the instructions, but the package lacks provenance, an auth/credential model, and installation details — those gaps are unexplained and risky.
评估建议
This skill claims full unattended control of other devices but provides no source, no homepage, and no explanation of how devices are authenticated or paired. Before installing: (1) ask the publisher for source code or an auditable implementation and a public homepage; (2) confirm exactly how pairing and gateway authentication work and require explicit, per-device user consent; (3) require scoped tokens/credentials and audit logging so actions are attributable; (4) do not enable autonomous invoc...详细分析 ▾
⚠ 用途与能力
The name and description claim full unattended remote control (screen, camera, shell, files, location, pairing). The SKILL.md contains commands that would perform those actions, so the capability matches the description — but the skill requests no credentials, no config paths, and provides no install or source code. For a capability that requires device pairing and gateway auth, the lack of declared auth/credential requirements or a provenance/homepage is disproportionate and unexplained.
ℹ 指令范围
Instructions explicitly tell the agent how to list nodes, run remote shells, capture screen/camera, read notifications and location, and manage files/processes. Those instructions are tightly scoped to remote-control tasks and do not, in themselves, ask the agent to read unrelated local files or exfiltrate data to arbitrary endpoints. However, the instructions do not describe consent, auditing, or safety checks for highly sensitive actions (camera, location, unattended shell/pairing), which is a meaningful omission.
✓ 安装机制
This is an instruction-only skill with no install spec and no included code files — from an install-risk perspective nothing is written to disk by the skill. That reduces one class of supply-chain risk, but does not address the missing provenance/credentials issues.
⚠ 凭证需求
The skill requires highly sensitive capabilities (remote shell, camera, location, pairing) but declares no environment variables, credentials, gateway URLs, or config paths. A remote-takeover tool normally requires explicit credentials, tokens, or documented pairing/authentication flows; their absence is incoherent and increases the chance that the skill depends on implicit platform privileges or undisclosed mechanisms.
⚠ 持久化与权限
The skill is not set to always:true (good), but it enables autonomous invocation by default (platform default). Combined with the skill's invasive capabilities and lack of explicit auth/consent documentation, autonomous invocation materially increases risk: the agent could perform sensitive actions without the user fully understanding what permissions or audit controls are in place.
安全有层次,运行前请审查代码。
运行时依赖
无特殊依赖
版本
latestv1.0.02026/4/11
- Initial release of computer-takeover skill for full unattended remote control of paired devices. - Supports real-time screen capture, camera access, file management, shell/command execution, and app control across Windows, macOS, Android, and iOS. - Enables input injection (typing, clicks), process management, notification monitoring/responding, and location retrieval. - Node pairing and management included for secure device linking. - Designed for automation, device ghosting, and direct device management without user interaction on the remote end.
● Pending
安装命令
点击复制官方npx clawhub@latest install computer-takeover
镜像加速npx clawhub@latest install computer-takeover --registry https://cn.longxiaskill.com