Xdotool Control
by jeremysommerfeld8910-cpu · v1.0.0
Downloads: 769
Stars: 1
Active Installs: 1
Versions: 1
Install in OpenClaw
/install xdotool-control
Description
Mouse and keyboard automation using xdotool. Use when clicking Chrome extension icons, typing into GUI apps, switching browser tabs, automating desktop UI, o...
Usage Guidance
This skill appears to be what it claims: a local Linux desktop automation helper using xdotool. It does, however, give the agent the ability to move the mouse, send keystrokes, and take screenshots. Before installing or enabling it, consider:
1) Only install it if you trust the skill owner and you need local GUI automation.
2) Review the included scripts (they are bundled and readable) and do not run them as root.
3) Be cautious about using the skill together with any model image-reading tool: screenshots saved to /tmp may contain passwords, auth cookies, or other sensitive UI state, and may be transmitted to the model service when you use the 'Read' tool.
4) Note the tmux approve snippet: it can programmatically send confirmations into sessions (e.g., 'Yes' to a claude-session). Make sure that is acceptable in your environment.
5) Because SKILL.md references a hard-coded path (~/.openclaw/workspace/skills/xdotool-control/...), confirm where your platform will place the scripts so the sample invocations work.
If you want additional assurance, run the scripts in a sandboxed user account or VM first, and avoid enabling autonomous invocation if you don't want the agent to trigger GUI actions without explicit user requests.
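The caution about screenshots in /tmp can be illustrated with a minimal sketch. It assumes you control where screenshots are written; `make_private_shot_dir` and the `xdo-shots` prefix are hypothetical names, not part of the skill.

```shell
#!/bin/sh
# Sketch: keep screenshots in an owner-only directory instead of a shared /tmp path.
# make_private_shot_dir is a hypothetical helper, not part of the bundled scripts.
make_private_shot_dir() {
    # mktemp -d creates the directory with mode 0700 (owner-only access).
    mktemp -d "${TMPDIR:-/tmp}/xdo-shots.XXXXXX"
}

SHOT_DIR="$(make_private_shot_dir)"
# Delete the screenshots when the shell exits so they do not linger on disk.
trap 'rm -rf -- "$SHOT_DIR"' EXIT

echo "screenshots would be written under: $SHOT_DIR"
# Example use (requires scrot and an X display):
#   scrot "$SHOT_DIR/before-click.png"
```

This only limits who can read the files locally. It does not change what is sent to a model service if a screenshot is later opened with an image-reading tool.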
Capability Analysis
Type: OpenClaw Skill
Name: xdotool-control
Version: 1.0.0
The OpenClaw AgentSkills bundle provides powerful desktop automation capabilities using xdotool and scrot, which are inherently high-risk. While the SKILL.md instructions do not contain explicit malicious prompt injection, several shell scripts (`scripts/browser_action.sh`, `scripts/find_and_click.sh`, `scripts/snap_verify_click.sh`, `scripts/type_in_window.sh`) are vulnerable to shell injection. User-controlled arguments like `ACTION` in `browser_action.sh` or `WINDOW_NAME` in the other scripts are directly interpolated into shell commands without sanitization, allowing for arbitrary command execution if an attacker can control these inputs. This constitutes a critical vulnerability, classifying the skill as suspicious rather than malicious, as there's no evidence of intentional harmful behavior by the skill's author.
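The injection risk described above usually comes down to two habits: validating values such as `ACTION` against a fixed list, and passing values such as `WINDOW_NAME` as a single quoted argument. The sketch below illustrates both under stated assumptions. The action names and the helper functions are hypothetical, and the bundled scripts' real argument handling may differ.

```shell
#!/bin/sh
# Sketch only: the action names and helper names below are hypothetical.

# Allow-list check: anything outside the fixed set is rejected.
validate_action() {
    case "$1" in
        click|type|focus|screenshot) return 0 ;;
        *) return 1 ;;
    esac
}

# The window name is passed as one quoted argument, never through eval or an
# unquoted expansion, so the shell does not reinterpret its metacharacters.
search_window() {
    xdotool search --name "$1"
}

# Helper that shows a quoted expansion stays a single argument.
count_args() {
    echo "$#"
}

hostile='Chrome; touch /tmp/pwned'
if validate_action "$hostile"; then
    echo "action accepted"
else
    echo "action rejected"
fi
count_args "$hostile"
```

Run as written, the script prints `action rejected` and then `1`: the hostile string fails the allow-list and, when quoted, is treated as one argument instead of two commands.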
Capability Assessment
Purpose & Capability
Name/description (xdotool-based desktop automation) match the included scripts and SKILL.md. All required commands (xdotool, scrot, optional ImageMagick) are appropriate for the claimed tasks. There are no unrelated cloud credentials, external APIs, or binaries requested that would be inconsistent with a GUI automation skill.
Instruction Scope
Instructions stay within desktop automation: finding windows, focusing, moving mouse, typing, taking screenshots, and using template-matching. A few items warrant attention: (1) the SKILL.md explicitly suggests 'Read screenshots with Claude's Read tool' — using the model to read screenshots may upload sensitive GUI content to the external model service; (2) there's a small snippet to send a 'Yes' into a tmux session (automating acceptance for a 'claude-session'), which can be used to approve prompts or automated flows — this is powerful and could be abused if misused. Otherwise the runtime steps are explicit and limited to local interactions.
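One way to limit the tmux approval pattern is to make it opt-in. The following is a hedged sketch, not the skill's actual snippet: `approve_in_tmux` and the `XDO_ALLOW_AUTO_APPROVE` variable are invented for illustration, and only `tmux send-keys -t` is a real tmux command.

```shell
#!/bin/sh
# Hypothetical guard; the skill's own tmux snippet is not reproduced here.
# Nothing is sent unless the user explicitly sets XDO_ALLOW_AUTO_APPROVE=1.
approve_in_tmux() {
    session="$1"
    if [ "${XDO_ALLOW_AUTO_APPROVE:-0}" != "1" ]; then
        echo "auto-approve disabled; not sending keys to $session" >&2
        return 1
    fi
    # Types "Yes" into the target session and presses Enter.
    tmux send-keys -t "$session" 'Yes' Enter
}
```

With the variable unset, `approve_in_tmux claude-session` returns a non-zero status and sends nothing, so automated confirmation requires a deliberate choice by the user.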
Install Mechanism
This is an instruction-only skill with bundled scripts — no install spec that fetches remote code. All code is provided in the bundle; runtime depends on common distro packages (xdotool, scrot, imagemagick). No downloads from arbitrary URLs or archive extraction were found.
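Since nothing is fetched at install time, the required packages have to be present already. A small pre-flight check could look like the sketch below; `check_deps` is a hypothetical helper, not something shipped in the bundle.

```shell
#!/bin/sh
# check_deps is a hypothetical helper: it prints each missing command
# and returns 1 if at least one is missing, 0 otherwise.
check_deps() {
    missing=0
    for cmd in "$@"; do
        if ! command -v "$cmd" >/dev/null 2>&1; then
            echo "missing: $cmd"
            missing=1
        fi
    done
    return "$missing"
}

# xdotool and scrot are the required tools; ImageMagick is optional and its
# command name depends on the version (convert or magick), so it is not checked.
check_deps xdotool scrot || echo "install the missing packages before enabling the skill"
```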
Credentials
The skill requests no environment variables, credentials, or config paths. The scripts only read local window state and write screenshots to /tmp. No secret-typed environment variables are required or referenced.
Persistence & Privilege
always is false and the skill does not request elevated/system-wide persistence. It does include an optional tmux automation pattern that targets a session named 'claude-session', but this operates at the user level and does not alter other skills or global agent config.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat: /install xdotool-control
- After installation, invoke the skill by name or use /xdotool-control
- Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release: desktop automation
Frequently Asked Questions
What is Xdotool Control?
Mouse and keyboard automation using xdotool. Use when clicking Chrome extension icons, typing into GUI apps, switching browser tabs, automating desktop UI, o... It is an AI Agent Skill for Claude Code / OpenClaw, with 769 downloads so far.
How do I install Xdotool Control?
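Run "/install xdotool-control" in the OpenClaw or Claude Code chat to install it in one step. The scripts are bundled with the skill, but they depend on xdotool and scrot (and optionally ImageMagick) being installed on the system.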
Is Xdotool Control free?
Yes, Xdotool Control is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Xdotool Control support?
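The listing describes Xdotool Control as cross-platform wherever OpenClaw / Claude Code is available. In practice it needs a desktop where xdotool and scrot work, which the usage guidance describes as a local Linux desktop.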
Who created Xdotool Control?
It is built and maintained by jeremysommerfeld8910-cpu (@jeremysommerfeld8910-cpu); the current version is v1.0.0.