← Back to Skills Marketplace
Computer Use
by
Ram-Raghav-S
· GitHub ↗
· v1.2.1
15529
Downloads
40
Stars
126
Active Installs
5
Versions
Install in OpenClaw
/install computer-use
Description
Full desktop computer use for headless Linux servers. Xvfb + XFCE virtual desktop with xdotool automation. 17 actions (click, type, scroll, screenshot, drag,...
Usage Guidance
Install only on a dedicated disposable headless server or VM. Before running setup-vnc.sh, inspect it, restrict VNC/noVNC to localhost or firewall-only access, add authentication, avoid exposing ports 5900 or 6080 publicly, and prepare rollback steps for disabling the systemd services and restoring /usr/bin/xfdesktop.
Capability Analysis
Type: OpenClaw Skill
Name: computer-use
Version: 1.2.1
The skill bundle is designed for legitimate desktop control, but contains several security vulnerabilities. The most critical is `scripts/vnc_start.sh`, which starts an `x11vnc` server with the `-nopw` flag, allowing unauthenticated local access to the virtual desktop. While the recommended `setup-vnc.sh` script does not use this flag for its service, the presence of `vnc_start.sh` in the bundle introduces a significant risk if invoked. Additionally, `scripts/cursor_position.sh` uses `eval`, and scripts like `scripts/key.sh` and `scripts/hold_key.sh` pass user input directly to `xdotool`, which could be exploited via prompt injection or if `xdotool` has parsing vulnerabilities, allowing for potentially disruptive key sequences or commands.
Capability Assessment
Purpose & Capability
The scripts match the stated purpose: Xvfb/XFCE desktop setup, VNC viewing, screenshots, mouse, keyboard, scrolling, typing, and cropped screen capture. That capability is inherently broad because it can view and control anything on the virtual desktop.
Instruction Scope
The skill documents SSH tunneling and auto-screenshots, but VNC/noVNC access is not strongly bounded in the artifacts. One helper starts x11vnc with no password, and the persistent service definitions do not configure VNC authentication or clearly enforce localhost-only browser access.
Install Mechanism
The setup script uses sudo to install packages, copy files to /opt, write systemd units under /etc/systemd/system, and replace /usr/bin/xfdesktop with a stub. Those changes are more invasive than a lightweight skill install and lack a clear uninstall or rollback path.
Credentials
The behavior is proportionate for a disposable headless Linux server dedicated to automation, but it is under-scoped for shared, production, or normal desktop hosts because it can expose remote desktop control and alter global XFCE behavior.
Persistence & Privilege
The setup enables auto-starting, auto-restarting services for Xvfb, XFCE, x11vnc, and noVNC, creating durable remote-control infrastructure that can remain active after the immediate task or after reboot.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install computer-use - After installation, invoke the skill by name or use
/computer-use - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.2.1
- Improved description to highlight X11-level automation for undetectable interactions (vs browser tools).
- Clarified Chrome usage: added instructions to check user namespace support and avoid unnecessary --no-sandbox flag (improves browser stability).
- Updated manual setup instructions to suggest using the setup script for generating service files.
- Various documentation refinements for clarity and accuracy.
v1.2.0
Flicker-free VNC: systemd services, watchdog script, masked xfdesktop, x11vnc stability flags
v1.1.0
Live desktop viewing and interaction via VNC added.
- Added VNC support (x11vnc, noVNC, websockify) for real-time desktop viewing and remote interaction.
- Included setup instructions and SSH tunneling guidance for secure VNC/web access.
- Added helper scripts: vnc_start.sh and vnc_stop.sh for easy VNC management.
- Updated requirements to include VNC-related packages.
- Improved documentation to cover live desktop access options and usage.
v1.0.1
- Clarified support for headless Linux servers and VPS; emphasized use without a physical monitor.
- Broadened description to highlight model-agnostic compatibility (works with any LLM).
- Improved introductory documentation for clearer audience targeting (VPS/cloud instances).
- No functional or API changes; documentation improvements only.
v1.0.0
Initial release: Provides full virtual desktop GUI automation with 17 standard actions.
This is not a browser-only computer-use skill and is meant to provide additional capabilities that are often a hindrance in the browser-only computer-use skill.
- Control GUI apps using mouse, keyboard, clicks, scrolling, and screenshots on a virtual XFCE desktop (Xvfb).
- Includes shell scripts for each action, such as taking screenshots, typing text, clicking, dragging, and scrolling.
- Standard workflow: screenshot, analyze, act, and verify via screenshots.
- Details on environment, setup requirements, actions reference, and tips for automation provided in the documentation.
- Supports launching GUI applications (browser, terminal, file manager) in the virtual desktop session.
Metadata
Frequently Asked Questions
What is Computer Use?
Full desktop computer use for headless Linux servers. Xvfb + XFCE virtual desktop with xdotool automation. 17 actions (click, type, scroll, screenshot, drag,... It is an AI Agent Skill for Claude Code / OpenClaw, with 15529 downloads so far.
How do I install Computer Use?
Run "/install computer-use" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Computer Use free?
Yes, Computer Use is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Computer Use support?
Computer Use is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Computer Use?
It is built and maintained by Ram-Raghav-S (@ram-raghav-s); the current version is v1.2.1.
More Skills