Trust Report

computer-use

Full desktop computer use for headless Linux servers and VPS. Creates a virtual display (Xvfb + XFCE) to control GUI applications without a physical monitor. Screenshots, mouse clicks, keyboard input, scrolling, dragging — all 17 standard actions. Includes flicker-free VNC setup for live remote viewing. Model-agnostic, works with any LLM.

71

SUSPICIOUS

Format: openclawScanner: v0.7.1Duration: 13msScanned: 6d ago · Apr 3, 3:44 AMSource →

Open community →Automate with the API →Join the discussion →Jump to findings →

Embed this badge

AgentVerus SUSPICIOUS 71

AgentVerus SUSPICIOUS 71

AgentVerus SUSPICIOUS 71

[![AgentVerus](https://agentverus.ai/api/v1/skill/13a7c90b-8bd2-481f-824b-67cb27df521a/badge)](https://agentverus.ai/skill/13a7c90b-8bd2-481f-824b-67cb27df521a)

Community Discussion

Community Comments

Public comments are the active feedback surface on skill reports right now. Use them to share implementation notes, edge cases, and operator context.

0 comments

Sign in to comment on this skill

No comments yet. Be the first to share your thoughts.

Continue the workflow

Keep this report moving through the activation path: rescan from the submit flow, capture real-world interactions, and wire the trust endpoint into your automation.

Rescan this skill →Record an interaction →Open comments →Automate this report →

https://agentverus.ai/api/v1/skill/13a7c90b-8bd2-481f-824b-67cb27df521a/trust

Personalized next commands

Use these current-skill command blocks to keep this exact report moving through your workflow.

Record an interaction

curl -X POST https://agentverus.ai/api/v1/interactions \
  -H "Authorization: Bearer at_your_api_key" \
  -H "Content-Type: application/json" \
  -d '{"agentPlatform":"openclaw","skillId":"13a7c90b-8bd2-481f-824b-67cb27df521a","interactedAt":"2026-03-15T12:00:00Z","outcome":"success"}'

Fetch trust JSON

curl https://agentverus.ai/api/v1/skill/13a7c90b-8bd2-481f-824b-67cb27df521a/trust

Category Scores

47

Permissions

92

Injection

87

Dependencies

0

Behavioral

60

Content

100

Code Safety

Findings (16)

highCapability contract mismatch: inferred credential access is not declared-15

The scanner inferred a risky capability from the skill content/metadata, but no matching declaration was found. Add a declaration with a clear justification, or remove the behavior.

Content pattern: ~/.ssh/config

→ Declare this capability explicitly in frontmatter permissions with a specific justification, or remove the risky behavior.

permissionsASST-05

highCapability contract mismatch: inferred system modification is not declared-12

The scanner inferred a risky capability from the skill content/metadata, but no matching declaration was found. Add a declaration with a clear justification, or remove the behavior.

Content pattern: sudo

→ Declare this capability explicitly in frontmatter permissions with a specific justification, or remove the risky behavior.

permissionsASST-03

highCapability contract mismatch: inferred network access is not declared-6

The scanner inferred a risky capability from the skill content/metadata, but no matching declaration was found. Add a declaration with a clear justification, or remove the behavior.

Content pattern: http://localhost:6080/vnc.html

→ Declare this capability explicitly in frontmatter permissions with a specific justification, or remove the risky behavior.

permissionsASST-04

highCapability contract mismatch: inferred content extraction is not declared-10

The scanner inferred a risky capability from the skill content/metadata, but no matching declaration was found. Add a declaration with a clear justification, or remove the behavior.

Content pattern: screenshot

→ Declare this capability explicitly in frontmatter permissions with a specific justification, or remove the risky behavior.

permissionsASST-02

highCapability contract mismatch: inferred local service access is not declared-10

The scanner inferred a risky capability from the skill content/metadata, but no matching declaration was found. Add a declaration with a clear justification, or remove the behavior.

Content pattern: http://localhost:6080

→ Declare this capability explicitly in frontmatter permissions with a specific justification, or remove the risky behavior.

permissionsASST-03

highSystem modification detected (inside code block)-20

Found system modification pattern: "sudo apt install"

sudo apt install -y xvfb xfce4 xfce4-terminal xdotool scrot imagemagick dbus-x11 x11vnc novnc websockify

→ Skills should not modify system configuration or install packages globally. Bundle required dependencies.

behavioralASST-03

highSystem modification detected (inside code block)-20

Found system modification pattern: "systemctl restart"

sudo systemctl restart xvfb xfce-minimal x11vnc novnc

→ Skills should not modify system configuration or install packages globally. Bundle required dependencies.

behavioralASST-03

highSystem modification detected (inside code block)-20

Found system modification pattern: ".service"

sudo cp systemd/*.service /etc/systemd/system/

→ Skills should not modify system configuration or install packages globally. Bundle required dependencies.

behavioralASST-03

highLocal file access detected (inside code block)-15

Found local file access pattern: "`screenshot.sh`"

| screenshot | `screenshot.sh` | — | Capture screen → base64 PNG |

→ Treat local file browsing as privileged access. Restrict it to explicit user-approved paths and avoid combining it with unrestricted browser/session reuse.

behavioralASST-03

highLocal file access detected (inside code block)-15

Found local file access pattern: "scripts/setup-vnc.sh"

./scripts/setup-vnc.sh

→ Treat local file browsing as privileged access. Restrict it to explicit user-approved paths and avoid combining it with unrestricted browser/session reuse.

behavioralASST-03

highHigh-risk workflow lacks explicit safety boundaries-20

The skill performs or enables higher-risk operations but does not define explicit safety boundaries describing what it must not do.

No safety boundary patterns found alongside high-risk capability language

→ Add a 'Safety Boundaries' section listing what the skill must NOT do (e.g., no file deletion, no network access beyond needed APIs).

contentASST-09

highLocal service URL reference-8

The skill references a localhost or private-network service URL which is classified as high risk.

http://localhost:6080/vnc.html

→ Review localhost/private-network service references carefully. Local service URLs can expose internal apps, admin panels, or developer tooling to agent-driven workflows.

dependenciesASST-04

highLocal service access detected (inside code block)-15

Found local service access pattern: "http://localhost:6080"

http://localhost:6080/vnc.html

→ Treat localhost and loopback services as privileged local attack surfaces. Require explicit approval, constrain reachable ports, and avoid combining local access with session reuse or tunneling.

behavioralASST-03

mediumCredential access detected (inside code block)-8

Found credential access pattern: "~/.ssh/config"

Add to `~/.ssh/config` for automatic tunneling:

→ Remove references to credentials and secrets. Skills should never access sensitive authentication data.

injectionASST-05

mediumBrowser content extraction detected (inside code block)-5

Found browser content extraction pattern: "Take screenshot"

# Take screenshot

→ Treat browser page capture and HTML/text extraction as potential data-access operations, especially when sessions may be authenticated. Make the data-access scope explicit and avoid collecting more page content than needed.

behavioralASST-02

lowUnknown external reference-5

The skill references an unknown external domain which is classified as low risk.

https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb

→ Verify that this external dependency is trustworthy and necessary.

dependenciesASST-04