clawdcursor

This module is not obviously obfuscated or containing traditional malware constructs (no reverse shell, no command exec via child_process, no hard-coded credentials). However it is a high-risk component for privacy and supply-chain abuse: it captures full screenshots and accessibility trees and sends them (along with an API key) to a remote LLM endpoint, then executes arbitrary desktop actions instructed by that remote model. If the remote model or the configured endpoint is malicious or the API key/overrides are compromised, sensitive data can be exfiltrated and the host can be driven to perform harmful actions. Use only with strong endpoint trust, strict redaction/whitelisting, and hardened safety controls.