Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
小米家居 (Xiaomi Home)
v1.2.1
Control Xiaomi Home devices via local LAN using miiocli. Supports status checks, toggling power, and MIOT property manipulation for devices like smart plugs, humidifiers, and rice cookers.
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw): Suspicious, medium confidence
Purpose & Capability
The name/description (local LAN control via miiocli) matches the provided artifacts: SKILL.md maps intents to miiocli commands and a token_extractor.py is included to obtain device IPs/tokens. Requiring miiocli only is proportionate. However the metadata contains a platform-specific pipx install command (references /Users/$(whoami)/.local/...), and the repository ships a pre-filled 'my_private_devices.md' containing many device IPs and 32‑byte tokens — that file is unexpected for a generic skill and leaks sensitive data.
Instruction Scope
SKILL.md explicitly instructs the user (or agent) to run scripts/token_extractor.py to fetch Xiaomi cloud tokens; the script requests Xiaomi account credentials, interacts with Xiaomi cloud endpoints, and can open a local HTTP server for auth flows. Those actions are coherent with the stated goal but expand the skill's scope to collecting sensitive account credentials and device tokens. Additionally, the repository already includes references/my_private_devices.md with many clear-text tokens and IPs (marked 'DO NOT PUBLISH'), which contradicts best practices and is a direct sensitive-data exposure.
Install Mechanism
The skill is instruction-only (no formal install spec), which is lower risk. The skill metadata suggests an install step that runs: 'pipx install python-miio && /Users/$(whoami)/.local/pipx/venvs/python-miio/bin/python -m pip install "click<8.1.0"'. That command is macOS/user-home-centric and brittle (hardcoded user path pattern) and not cross-platform. The SKILL.md does not declare or install other Python runtime deps referenced by token_extractor.py (requests, Pillow, Crypto/Cryptodome, colorama), creating an inconsistency in declared vs required installs.
Credentials
The skill does not declare environment variables, which is fine. But runtime instructions (and the included script) require Xiaomi account credentials and produce device tokens — legitimate for the purpose but high-risk. More importantly, the repo already contains references/my_private_devices.md populated with multiple real-looking tokens and IPs. Including third-party device tokens in the skill bundle is inappropriate and a direct sensitive-data leakage; it makes the package risky to distribute or run without cleaning those files.
Persistence & Privilege
The skill does not request 'always: true' and does not declare system-wide modifications. It is instruction-only with no install that writes to system paths (aside from the metadata's suggested pipx install which operates in the user's home). There is no evidence the skill attempts to modify other skills or global agent settings.
What to consider before installing
What to consider before installing/using this skill:
- The skill will ask you to run a token-extractor script that requires your Xiaomi account credentials and will retrieve device IPs and 32‑byte local tokens. This is necessary to control devices locally but is sensitive: only run on a machine you control and trust.
- The repository includes a file (references/my_private_devices.md) containing multiple clear-text device tokens and IPs. Treat that as exposed secrets: delete or sanitize that file before using or sharing this skill, and do not assume the shipped tokens are yours.
- The metadata's install command is macOS/user-home specific and brittle. Review and run install commands manually rather than blindly copy/pasting; consider installing in a virtual environment or disposable VM.
- Inspect scripts/token_extractor.py yourself: it talks to Xiaomi cloud endpoints (api.io.mi.com) and may open a local HTTP server for auth flows — verify there are no unexpected external endpoints before entering credentials.
- Prefer running the token extraction in an isolated environment (VM, container) and keep extracted tokens in a local, private store (not in the repo). Rotate/change account credentials if you suspect any exposure.
If you want, I can: (1) scan token_extractor.py for any network calls beyond Xiaomi endpoints, (2) highlight exactly which libraries it imports and which install commands are needed, or (3) produce a safe step-by-step runbook to extract tokens locally and store them securely.
Runtime requirements: Clawdis
Bins: miiocli
