computer-use-agents

Warn

Audited by Socket on Feb 27, 2026

1 alert found:

Anomaly (LOW)
SKILL.md

This skill provides legitimate patterns and sample code for building 'computer use' AI agents (screen capture, model-driven actions, Docker sandboxing). There is no evidence of embedded backdoors, obfuscated payloads, or explicit malicious code in the provided fragments. However, the capability set (full-screen screenshots, keyboard/mouse control, shell execution, VNC access, and model API integration) is extremely powerful and dangerous if misused or deployed without strict isolation and auditing. The main risks are sensitive data exfiltration (screenshots sent to third-party models), unauthorized actions on the host (typing/clicking driven by model outputs), and network exposure via mapped ports. The documentation correctly emphasizes sandboxing, but the examples still expose attack surfaces (port mappings, temporary files). Treat this skill as high-risk: it is appropriate only in tightly controlled, isolated environments with explicit human approval, limited network egress, and careful auditing of what is sent to remote model APIs.

Confidence: 80%
Severity: 65%
Audit Metadata
Analyzed At: Feb 27, 2026, 08:34 AM
Package URL: pkg:socket/skills-sh/sickn33%2Fantigravity-awesome-skills%2Fcomputer-use-agents%2F@d22459e16264ff68928a42a5e77139c7df4190db