Security scan
OpenClaw
Suspicious
high confidence
Assessment recommendations
This skill is plausible for desktop automation, but take these precautions before installing:
- Inspect the package contents: install.sh expects a DesktopGuardian.spoon under Spoons/ which is not present in the provided manifest — verify the Spoon files exist and inspect them before copying into ~/.hammerspoon.
- Review helpers.py functions that build hs command strings (safe_hs_command / _safe_hs_close_window) to confirm they strictly validate and escape inputs; the monitor uses eval "$HS_CM...
ℹ Purpose and capabilities
The declared purpose (macOS GUI automation via Hammerspoon and a monitor agent) aligns with the files and instructions: it installs Hammerspoon, configures a Spoon, compiles a Swift fallback, and installs a LaunchAgent to run monitor cycles. That level of system access (Accessibility permission, LaunchAgent, modifying ~/.hammerspoon/init.lua) is proportionate to the stated goal of active desktop monitoring and automated GUI actions.
⚠ Instruction scope
Monitor and install instructions perform powerful system actions (create LaunchAgent, modify ~/.hammerspoon/init.lua, grant Accessibility, install Homebrew casks and pip packages). The monitor runs every 60s and will autonomously execute pre-built hs commands to click UI elements and close apps. The monitor script uses eval "$HS_CMD" to run commands produced by helpers.py; despite claims that shell interpolation is never used, using eval on generated strings increases risk if any builder of those strings can be influenced. The skill also suggests opening Chrome with --remote-debugging-port, which exposes Chrome internals on localhost and is a separate security consideration.
ℹ Installation mechanism
There is no remote download of arbitrary code; install.sh uses Homebrew to install Hammerspoon, pip to install PyYAML, and compiles a local Swift fallback. That's reasonable. However, install.sh copies a DesktopGuardian Spoon from $PROJECT_DIR/Spoons/DesktopGuardian.spoon — the provided file manifest does not include a Spoons directory or the Spoon contents, which is an inconsistency that will cause install errors or unexpected outcomes. The script also requires Homebrew to be present and will abort if missing.
✓ Credential requirements
The skill requests no environment variables or external credentials. It writes user-scoped files under the home directory and modifies user Hammerspoon configuration and LaunchAgents — these are expected for local desktop automation. No unrelated cloud credentials or secrets are requested.
ℹ Persistence and permissions
The skill installs a LaunchAgent that runs monitor.sh every 60 seconds and adds a Spoon load to ~/.hammerspoon/init.lua. That gives continuous, autonomous capability to observe and act on the desktop (including auto-closing apps and dismissing dialogs). 'always' is false, but the agent will act autonomously when installed — this is consistent with the monitoring purpose but increases blast radius if combined with other implementation issues (see eval usage).
Security is layered; review the code before running it.
Runtime dependencies
No special dependencies
Version
latest: v2.0.0 (2026/2/22)
● Suspicious
Install command
Official: npx clawhub@latest install desktop-guardian
Mirror (accelerated): npx clawhub@latest install desktop-guardian --registry https://cn.longxiaskill.com