Alexa CLI

Pass

Audited by VirusTotal on May 13, 2026.

Overview

Type: OpenClaw Skill
Name: alexa-cli
Version: 1.3.0

The OpenClaw skill bundle for `alexa-cli` appears benign. The `skill.md` provides clear instructions for installing and using the `alexacli` tool via standard package managers (Homebrew, Go install) from a publicly available GitHub repository. There are no signs of prompt injection attempts against the agent, no instructions for data exfiltration, malicious execution, persistence, or obfuscation. All described functionalities are legitimate interactions with Amazon Alexa devices via the specified CLI tool.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A mistaken or hijacked agent instruction could issue Alexa commands that affect the home, such as changing thermostats, locking doors, playing audio, or broadcasting announcements.

Why it was flagged

The skill exposes a broad natural-language command path to Alexa, including smart-home actions, and explicitly recommends it for agentic use without stating confirmation or scoping requirements for high-impact actions.

Skill content

Send any command as if you spoke it to Alexa ... alexacli command "lock the front door" ... For AI/agentic use, `alexacli command` with natural language is preferred

Recommendation

Use only after explicit user requests, require confirmation for locks, thermostats, announcements, purchases, or other high-impact commands, and consider limiting allowed devices and command types.

What this means

Anyone or any process that can use the stored Alexa credentials may be able to act through the user's Alexa account until the token expires or is revoked.

Why it was flagged

The skill requires delegated Amazon/Alexa authentication and stores a refresh token locally. This is expected for Alexa control, but it is sensitive account authority.

Skill content

alexacli auth ... Token is valid ~14 days. Configuration stored in `~/.alexa-cli/config.json`.

Recommendation

Run `alexacli auth logout` when access is no longer needed, protect `~/.alexa-cli/config.json`, and avoid using this skill on shared or untrusted machines.

What this means

A compromised or changed upstream CLI could misuse Alexa credentials or device-control authority.

Why it was flagged

The skill depends on an external CLI installed from a Homebrew tap or an unpinned Go module. This is central to the skill's purpose, but provenance and version pinning matter because the CLI receives Alexa account access.

Skill content

brew | formula: buddyh/tap/alexacli ... go | module: github.com/buddyh/alexa-cli/cmd/alexa@latest

Recommendation

Install only from a trusted source, consider pinning or reviewing the upstream version, and update deliberately rather than blindly.

What this means

Private calendar items, voice history, or assistant conversations could be shown in the agent session or reused in later reasoning if the user asks for them.

Why it was flagged

The skill can retrieve sensitive Alexa-linked context, including calendar data, voice activity history, and Alexa+ conversation history. This is disclosed and purpose-aligned, but the data can be private.

Skill content

alexacli ask "what's on my calendar today" ... `alexacli history` | View recent voice activity ... `alexacli fragments <id>` | View Alexa+ conversation history

Recommendation

Only query history, calendar, or conversation fragments when necessary, and review outputs before copying or sharing them elsewhere.