← 返回 Skills 市场
79
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install xia-desktop-agent
功能描述
Windows桌面自动化代理。通过自然语言或预设指令控制桌面:截图、点击、输入、按键、打开应用、微信发消息/文件、ToDesk远程连接。Use when user asks to control desktop, send WeChat messages, establish ToDesk remote conn...
安全使用建议
This skill largely does what it says (Windows GUI automation), but review and take precautions before installing:
- Local LLM dependency: task_planner posts to http://127.0.0.1:18789. Ensure you have a trusted local LLM at that address or modify the code; otherwise planning will fail or unexpectedly reach another network endpoint.
- Screenshots can contain sensitive info (passwords, private documents). The workflow encourages sending screenshots to an 'image' tool for OCR — confirm that any OCR/image tool is local and trusted before permitting automatic uploads.
- open_app uses subprocess.Popen(cmd, shell=True) for arbitrary app names. That can execute arbitrary shell commands if the 'app' string is attacker-controlled. If you will accept free-text plans, consider restricting allowed app names or removing shell=True.
- SafetyChecker only warns on dangerous keywords and does not block execution. Do not rely on it to prevent destructive actions; test in a sandboxed VM or non-sensitive machine first.
- WeChat file send can be used to transmit local files. Avoid running the skill on machines containing sensitive files unless you trust both the skill and the human/agent invoking it.
Recommended actions: run code review in your environment, run the skill in an isolated VM for testing, harden plan_task to a trusted LLM endpoint, sanitize or whitelist values passed to open_app, and ensure any OCR/image calls require explicit human approval before sending screenshots off-host.
功能分析
Type: OpenClaw Skill
Name: xia-desktop-agent
Version: 1.0.0
The skill bundle provides extensive Windows desktop automation capabilities that pose a high security risk. Key indicators include a hardcoded ToDesk device code ('401315614') in both `SKILL.md` and `scripts/presets.py`, combined with a workflow designed to screenshot and exfiltrate remote access passwords to the chat interface. Furthermore, the safety module in `scripts/safety.py` is deceptive; while it identifies dangerous patterns (e.g., 'format', 'shutdown', 'del'), the `check_task` function is hardcoded to return `True` and allow the operations to proceed. The agent also utilizes high-risk functions like `subprocess.Popen(shell=True)` in `scripts/desktop_agent.py` and automates sensitive applications like WeChat, creating a significant surface for unauthorized data access or remote control.
能力评估
Purpose & Capability
The name/description (Windows desktop automation, WeChat, ToDesk) match the included code and presets. The code implements expected functions (screenshot, click, type, open app, WeChat send, ToDesk screenshot). One incongruity: task_planner calls a local LLM endpoint (http://127.0.0.1:18789) but SKILL.md doesn't declare this as a runtime dependency or requirement.
Instruction Scope
SKILL.md and code direct the agent to take and save screenshots and to use an 'image' tool to OCR ToDesk passwords — that will commonly send screenshots to an external image model/tool (potentially exfiltrating sensitive screen contents). The planning path calls a local LLM service to generate action steps; that network call is not documented in requires.env. The SafetyChecker only logs/warns on dangerous keywords and returns True (it doesn't block dangerous plans), meaning the agent could still perform high-impact operations if a plan includes them.
Install Mechanism
This is instruction+code only; dependencies are Python packages (pyautogui, opencv, Pillow, pyperclip, pygetwindow, requests) installed via pip as documented. No remote binary downloads or obscure install URLs are used.
Credentials
The skill requests no environment variables or external credentials, which fits the claimed purpose. However, it reads/writes local paths (C:\temp\desktop_agent, C:\home\.openclaw\workspace\todesk_screen.png) and can send arbitrary local files via the WeChat preset (wechat_file). Combined with the SKILL.md recommendation to OCR screenshots using an 'image' tool, this creates an implicit channel to disclose sensitive local data unless the operator ensures the image tool is local and trusted.
Persistence & Privilege
The skill does not request always:true, does not modify other skills, and has no install spec that persistently alters system-wide configuration. It runs when invoked by the user or when the agent autonomously chooses to invoke it (normal platform behavior).
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install xia-desktop-agent - 安装完成后,直接呼叫该 Skill 的名称或使用
/xia-desktop-agent触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Windows桌面自动化:截图、点击、输入、微信发消息、ToDesk远程连接
元数据
常见问题
Xia Desktop Agent 是什么?
Windows桌面自动化代理。通过自然语言或预设指令控制桌面:截图、点击、输入、按键、打开应用、微信发消息/文件、ToDesk远程连接。Use when user asks to control desktop, send WeChat messages, establish ToDesk remote conn... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 79 次。
如何安装 Xia Desktop Agent?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install xia-desktop-agent」即可一键安装,无需额外配置。
Xia Desktop Agent 是免费的吗?
是的,Xia Desktop Agent 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Xia Desktop Agent 支持哪些平台?
Xia Desktop Agent 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Xia Desktop Agent?
由 Oldairman(@oldairman)开发并维护,当前版本 v1.0.0。
推荐 Skills