openclaw-channel-screenshot-send
Warn
Audited by Gen Agent Trust Hub on Mar 26, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes system-level commands to capture the display and uses the external openclaw CLI for communication.
- [DATA_EXFILTRATION]: The core function is to capture a screenshot of the user's screen—potentially containing sensitive information—and send it to an external messaging channel. This process exposes visible documents, credentials, or private communications.
- [COMMAND_EXECUTION]: The command pattern interpolates variables from the conversation context (channel and target ID) into a shell command, which could be exploited for command injection if those values are influenced by an attacker via indirect prompt injection.
Audit Metadata