Aqara Agent
Review
Audited by ClawScan on May 11, 2026.
Overview
The skill is mostly coherent for Aqara smart-home control, but it asks for powerful home-account access while claiming to be official without a verifiable source or homepage.
Only install this if you can verify it is from Aqara or a publisher you trust. If you proceed, keep assets/user_account.json private, avoid committing it to repositories, confirm the API URL is trusted, and review any command that changes devices, scenes, automations, security settings, or firmware.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A user may trust the skill and paste an Aqara API key based on an unverified official-branding claim.
The skill presents itself as official, but the supplied registry information does not provide a source or homepage to verify that claim. This matters because the skill requests sensitive Aqara account authority and can control smart-home devices.
Description: "aqara-agent is an official Aqara Home AI Agent skill"; Source: unknown; Homepage: none
Verify through an official Aqara distribution channel before providing credentials or allowing device control.
Incorrect or unintended commands could turn devices on or off, change automations, run scenes, or start firmware upgrades.
The skill intentionally exposes actions that can change the physical home environment and persistent automations. This is aligned with the stated smart-home purpose, but it is high-impact authority.
supports ... device control ... firmware/OTA upgrade ... scene management (query, execute, create, snapshot, and logs), automation management (create, query, detail, toggle, and logs)
Use the skill only when you expect smart-home changes, and review sensitive actions such as security, automation, and firmware changes before confirming them.
The Aqara credential authorizes actions on the user's account and home; if the configured endpoint is wrong or untrusted, the token could be sent somewhere unexpected.
The saved Aqara API key is used as a bearer token for API calls, and the API base URL can be overridden by environment or local account configuration. This is disclosed integration behavior, but the endpoint must be trusted.
env_url = (os.environ.get("AQARA_OPEN_API_URL") or "").strip() ... disk_url = load_optional_open_api_base_url() ... self.session.headers.update({"Authorization": f"Bearer {key}"})
Keep the default Aqara endpoint unless you intentionally use a trusted proxy, and do not share or log the Aqara API key.
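The following is an added example, not code from the skill or from Aqara, showing one way a user or maintainer could keep the endpoint override described above while making sure the API key is only ever attached as a bearer token to an allowlisted HTTPS host. The default URL, the `example.invalid` hostnames, and the function names are assumptions; the real Aqara endpoint is not given on this page.

```python
"""Added example (not the skill's own code): resolve the Aqara API base URL with
the precedence the finding describes (environment variable, then on-disk
account config, then a default), but refuse to attach the bearer token unless
the endpoint is one the operator explicitly trusts."""
import os
from typing import Mapping, Optional
from urllib.parse import urlparse

# Assumed default; the real Aqara endpoint is not stated on this page.
DEFAULT_OPEN_API_URL = "https://open-api.example.invalid"

# Hosts you have decided to trust: the default plus, optionally, a proxy you run.
TRUSTED_HOSTS = frozenset({urlparse(DEFAULT_OPEN_API_URL).hostname})


class UntrustedEndpoint(ValueError):
    """Raised when the configured base URL is not in the allowlist."""


def resolve_open_api_base_url(env: Optional[Mapping[str, str]] = None,
                              disk_url: Optional[str] = None,
                              default: str = DEFAULT_OPEN_API_URL) -> str:
    """Environment override wins, then the value from local account config,
    then the built-in default. Mirrors the override order in the finding."""
    env = os.environ if env is None else env
    env_url = (env.get("AQARA_OPEN_API_URL") or "").strip()
    return env_url or (disk_url or "").strip() or default


def check_trusted_endpoint(base_url: str, trusted_hosts=TRUSTED_HOSTS) -> str:
    """Accept only https URLs to an allowlisted host with no embedded
    credentials. Returns the URL without a trailing slash on success."""
    parsed = urlparse(base_url)
    if parsed.scheme != "https":
        raise UntrustedEndpoint(f"refusing non-https endpoint: {base_url!r}")
    if parsed.username or parsed.password:
        raise UntrustedEndpoint("refusing endpoint with embedded credentials")
    if parsed.hostname not in trusted_hosts:
        raise UntrustedEndpoint(f"host {parsed.hostname!r} is not in the allowlist")
    return base_url.rstrip("/")


def build_auth_headers(api_key: str, base_url: str,
                       trusted_hosts=TRUSTED_HOSTS) -> dict:
    """Attach the Aqara key as a bearer token only after the endpoint passed
    the check, so a stray AQARA_OPEN_API_URL cannot redirect the credential.
    The returned dict is what you would pass to requests.Session.headers.update()."""
    check_trusted_endpoint(base_url, trusted_hosts)
    return {"Authorization": f"Bearer {api_key}"}


if __name__ == "__main__":
    # Constructed inputs: an env override pointing at an allowlisted host.
    url = resolve_open_api_base_url(env={"AQARA_OPEN_API_URL": DEFAULT_OPEN_API_URL})
    print("using endpoint:", check_trusted_endpoint(url))
    try:
        build_auth_headers("<placeholder-key>", "https://unknown.example.invalid")
    except UntrustedEndpoint as exc:
        print("blocked:", exc)
```

If you do run a proxy, add its hostname to `TRUSTED_HOSTS` deliberately rather than relying on the environment variable alone; the point of the allowlist is that an unexpected value in `AQARA_OPEN_API_URL` or in `assets/user_account.json` fails closed instead of silently receiving the key.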
If this file is committed, shared, or modified by someone else, the Aqara key or home selection could be exposed or misused.
The skill keeps persistent local account context, including credentials and selected home data, which is reused across future calls.
assets/user_account.json # Live credentials + home selection (sensitive; do not commit)
Store this file only in a private local environment, add it to .gitignore, and rotate the key if it is exposed.
A future install may pull a different requests version than the one the author tested.
The documented setup installs a package dependency with a lower-bound version rather than a pinned exact version. This is common for Python HTTP clients and purpose-aligned, but it leaves dependency resolution to the installer.
requests>=2.28
Install in an isolated environment and consider pinning dependencies in a lockfile for production use.
