osctrl-desktop-automation

SUSPICIOUS: the skill's capabilities mostly align with desktop automation, but it grants an AI agent powerful local control plus screenshot/clipboard access with minimal safeguards and no provenance details for the required CLI. There is no explicit credential theft or exfiltration endpoint, so this is not confirmed malware, but it is a high-impact automation skill that should be treated as risky.