open-computer-use-automation

SUSPICIOUS: The skill's capabilities mostly match its stated desktop-automation purpose, and the npm install path is plausible, but it grants very broad local control and sensitive screen access. The biggest concern is the transitive `npx skills add` installation path to a third-party repo, which extends trust beyond the core CLI. This looks more like a high-risk automation skill than confirmed malware.