← 返回 Skills 市场
Win Control
作者
ScottZhouZhou
· GitHub ↗
· v1.0.0
· MIT-0
93
总下载
0
收藏
1
当前安装
1
版本数
在 OpenClaw 中安装
/install win-control
功能描述
Control Windows mouse clicks and keyboard inputs via PowerShell scripts, supporting text, shortcuts, and customizable click actions.
安全使用建议
This skill appears to do what it says (automate Windows input) but the package contains only documentation and no PowerShell scripts; installing it as-is will require you (or the agent) to obtain the referenced .ps1 files from elsewhere. Before using or allowing autonomous invocation: 1) do not run scripts you haven't inspected — request the actual .ps1 files and review their contents for network calls, credentials access, or commands that perform I/O or spawn other processes; 2) be cautious with examples that use -ExecutionPolicy Bypass and absolute paths (these can run arbitrary code and may target user home directories); 3) test in an isolated VM or non-production account first; 4) if you only need to send messages to a service like DingTalk, prefer an API-based integration (which will require explicit credentials) rather than UI automation; and 5) if you want to proceed, ask the publisher to provide the scripts (or a trusted install mechanism) and ensure the skill package includes them so behavior is auditable.
功能分析
Type: OpenClaw Skill
Name: win-control
Version: 1.0.0
The bundle provides high-risk Robotic Process Automation (RPA) capabilities, including mouse/keyboard control and DingTalk messaging automation via PowerShell scripts. These capabilities are inherently risky as they allow an AI agent to perform arbitrary UI actions. The actual source code for the scripts (e.g., rpa-dingtalk-smart.ps1, mouse-click.ps1) is missing, preventing verification of input sanitization for parameters like -Message or -Text, which could be vulnerable to injection. Additionally, the documentation contains hardcoded local paths (C:\Users\xl\...) and utilizes -ExecutionPolicy Bypass, indicating poor security hygiene or potential for unauthorized execution.
能力评估
Purpose & Capability
The skill's name/description say it controls mouse and keyboard via PowerShell scripts, which matches the commands in SKILL.md. However, the bundle contains no scripts or install step; all commands reference scripts under skills/win-control/scripts/*.ps1 (and an absolute example path under a user's .openclaw workspace). Requiring external scripts that are not packaged or installed is an incoherence: either the skill expects files to already exist on the host or the distributor omitted them.
Instruction Scope
SKILL.md instructs running PowerShell with -ExecutionPolicy Bypass to execute scripts that simulate mouse/keyboard and an RPA script to interact with DingTalk. That behavior is consistent with the stated purpose, but these commands will operate on the active window, send keystrokes, and can send messages to contacts (rpa-dingtalk-smart.ps1). Running arbitrary PowerShell (ExecutionPolicy Bypass) is powerful — expected for this task but high-risk if the underlying scripts are unreviewed or come from an untrusted source.
Install Mechanism
There is no install spec (instruction-only), which minimizes automated install risk. However, because no scripts are shipped, the skill as-distributed cannot function without external script files; this missing-install mismatch is a concern for coherence (it increases the chance a user or agent will fetch/execute scripts from other locations).
Credentials
The skill does not request environment variables, credentials, or config paths. That is proportionate to its described functionality (local automation) — there are no unexplained secret requests in the metadata or instructions.
Persistence & Privilege
always is false and there is no install step that modifies other skills or global agent settings. The skill uses commands that the agent may invoke (default autonomous invocation allowed), which is normal. Note: the use of PowerShell with ExecutionPolicy Bypass can elevate the risk of local script execution if combined with external or unreviewed code.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install win-control - 安装完成后,直接呼叫该 Skill 的名称或使用
/win-control触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release of win-control.
- Allows control of Windows mouse and keyboard via PowerShell scripts.
- Supports mouse clicks at specified screen coordinates.
- Enables sending text and keyboard shortcuts (e.g., CTRL+C, ALT+TAB).
- Lists supported shortcut keys (function keys, navigation, etc.).
- Includes safety warnings for use in test environments.
元数据
常见问题
Win Control 是什么?
Control Windows mouse clicks and keyboard inputs via PowerShell scripts, supporting text, shortcuts, and customizable click actions. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 93 次。
如何安装 Win Control?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install win-control」即可一键安装,无需额外配置。
Win Control 是免费的吗?
是的,Win Control 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Win Control 支持哪些平台?
Win Control 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Win Control?
由 ScottZhouZhou(@scottzhouzhou)开发并维护,当前版本 v1.0.0。
推荐 Skills