desktop

Warn

Audited by Socket on Mar 28, 2026

4 alerts found:

Anomaly x2, Security x2

Anomaly: LOW
wechat-send.sh

No direct evidence of covert malware, credential theft, persistence, or network exfiltration in this code fragment. The script is best characterized as a high-impact local automation utility: it overwrites the user’s clipboard, injects mouse and keyboard events to paste and send a message in WeChat, and captures a screenshot region to run OCR for verification. These behaviors elevate security/privacy risk (clipboard persistence and screen capture of potentially sensitive UI content) and create a capability that could be abused for unwanted messaging or unintended UI interactions if executed unexpectedly or modified for other targets.

Confidence: 62%, Severity: 60%

Anomaly: LOW
wechat-monitor.sh

No clear evidence of classic malware (e.g., network exfiltration, shelling out based on OCR text, credential theft, or sabotage) is present in this bash fragment. However, the script is a persistent, automated OCR-based monitor that captures a WeChat window, extracts chat text, and writes sensitive artifacts (OCR text and screenshots) to predictable /tmp locations. This represents a significant privacy/security risk, and the safety of the invoked OCR dependency ($SCRIPT_DIR/ocr.py) cannot be verified from this fragment alone.

Confidence: 63%, Severity: 67%

Security: MEDIUM
ocr.py

This module is a dual-use screen-scraping OCR utility: it can capture full screen or a cursor-centered region, extract readable text and bounding metadata with Apple Vision, and output cursor coordinates and OCR results to stdout/JSON. While there is no explicit malware logic (no network exfiltration/persistence/exec) in this snippet, the core functionality strongly supports privacy-invasive surveillance workflows and can readily be repurposed by a surrounding toolchain. The use of tempfile.mktemp introduces a security hygiene issue (TOCTOU risk).

Confidence: 66%, Severity: 72%

Security: MEDIUM
SKILL.md

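The skill's core desktop-automation capability is broadly consistent with its stated purpose, and no obvious credential theft or third-party relaying was found. However, it grants the agent high-impact GUI control and WeChat sending capability, and the OCR execution environment cannot be verified. Overall it should be judged SUSPICIOUS rather than malicious: high operational risk, not clearly malicious.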

Confidence: 86%, Severity: 76%

Audit Metadata

Analyzed At: Mar 28, 2026, 09:18 PM

Package URL: pkg:socket/skills-sh/aster110%2Fmycc%2Fdesktop%2F@9e9d94b4ef767072632a8ade19bad87fa4189737
Security Audit — socket — desktop