← 返回 Skills 市场
PC Control
作者
Rongze Gao
· GitHub ↗
· v1.0.0
657
总下载
1
收藏
3
当前安装
1
版本数
在 OpenClaw 中安装
/install pc-control
功能描述
Remote Windows desktop control from WSL/Linux via screenshot + mouse/keyboard simulation. Use when: user asks to control their PC, click something, open an a...
安全使用建议
This skill implements a powerful capability (remote control of your Windows desktop). The code matches the description, but the package metadata understates what it needs: you will need a Windows Python, PowerShell, and WSL utilities (wslpath). Before installing, verify you trust the skill source and inspect the files. Specific recommendations: 1) Confirm config.json points to the correct Windows python and PowerShell paths; prefer installing dependencies into a dedicated virtualenv rather than the system Python. 2) Limit network exposure: the server binds to 127.0.0.1, but ensure no port forwarding or reverse tunnels expose it externally. 3) Protect the skill directory: .auth_token is stored in plaintext — restrict filesystem permissions and remove the token file when not needed. 4) Consider requiring stronger auth or rotating the token between sessions. 5) Review the launcher stop code (it may forcibly stop python processes matching server.py) to avoid killing unrelated processes. 6) If you are uncomfortable with full GUI control, test in an isolated VM or disposable account first. If you want me to, I can point out the exact lines to change to require authentication on /status, to write token with restricted permissions, or to make the launcher use a venv.
功能分析
Type: OpenClaw Skill
Name: pc-control
Version: 1.0.0
The skill provides remote Windows desktop control via screenshot, mouse, and keyboard simulation, which is an inherently high-risk capability. While the implementation includes security measures like localhost binding and ephemeral token authentication for its FastAPI server (scripts/server.py), and the SKILL.md does not contain prompt injection attempts, the use of PowerShell via `subprocess.run` in `scripts/install.py` and `scripts/launcher.py` to install dependencies and manage the server process represents powerful system command execution. These capabilities, though necessary for the skill's stated purpose, are significant and warrant a 'suspicious' classification due to their potential for misuse if the agent or skill configuration were compromised, even without clear evidence of intentional malicious behavior within the skill itself.
能力评估
Purpose & Capability
The code (server, client, launcher, install) matches the described purpose (screenshot + mouse/keyboard simulation via a FastAPI server on Windows and a WSL client). However the skill metadata claims no required binaries or env vars while the implementation requires a Windows Python, PowerShell, and access to WSL's wslpath/WSL environment to launch the server — this mismatch is unexpected and should have been declared.
Instruction Scope
SKILL.md instructions stick to the stated purpose (install dependencies, start/stop server, take screenshots, perform GUI actions, verify after each action). The instructions do not ask the agent to read unrelated files or external endpoints. Note: the server exposes an unauthenticated /status endpoint (intentional in code) and writes an auth token to a local file that the WSL client reads — both are relevant security/usage details.
Install Mechanism
There is no opaque remote-download install: the provided install.py runs pip via PowerShell to install PyPI packages (fastapi, uvicorn, mss, pyautogui, pillow) into the Windows Python. This is a reasonable, traceable install method. It does, however, depend on the machine's PowerShell and Python configuration.
Credentials
The skill declares no credentials or env requirements but needs local execution privileges: it requires a Windows Python path, PowerShell, and the ability to run wslpath and start/stop Windows processes. It writes .auth_token and .last_used into the skill directory (token is how client authenticates). These local-file and process-control requirements are proportionate to the feature but were not declared in metadata and can expose sensitive control if the host is misconfigured or files are world-readable.
Persistence & Privilege
The skill is not force-included (always:false) and does not modify other skills. It persists two small files (.auth_token and .last_used) in the skill directory and can start/stop a background Python process. That behavior is expected for a local remote-control server, but users should be aware the server grants programmatic desktop control for as long as it runs and the token file exists.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install pc-control - 安装完成后,直接呼叫该 Skill 的名称或使用
/pc-control触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release: remote Windows desktop control from WSL/Linux via screenshot + mouse/keyboard simulation (FastAPI + pyautogui + mss)
元数据
常见问题
PC Control 是什么?
Remote Windows desktop control from WSL/Linux via screenshot + mouse/keyboard simulation. Use when: user asks to control their PC, click something, open an a... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 657 次。
如何安装 PC Control?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install pc-control」即可一键安装,无需额外配置。
PC Control 是免费的吗?
是的,PC Control 完全免费(开源免费),可自由下载、安装和使用。
PC Control 支持哪些平台?
PC Control 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 PC Control?
由 Rongze Gao(@zeron-g)开发并维护,当前版本 v1.0.0。
推荐 Skills