Closeli Open Device List Query
v1.0.0调用 ai-open-gateway 的设备列表查询接口 POST /api/device/list,获取当前用户绑定的所有设备信息。Use when: 需要查看绑定了哪些设备、获取设备 MAC 地址、确认设备是否已绑定。⚠️ 需设置 AI_GATEWAY_API_KEY。
⭐ 0· 31·0 current·0 all-time
byCloseliOpenTeam@closeli-open
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
OpenClaw
Benign
high confidencePurpose & Capability
Name/description match the implementation: the script calls POST /api/device/list on ai-open-gateway, requires python3 and AI_GATEWAY_API_KEY, and exposes optional host/SSL flags. Declared configPaths include ~/.openclaw/.env which the script uses as described.
Instruction Scope
SKILL.md restricts behavior to calling /api/device/list and requires the agent to parse the script's JSON output and present a formatted table rather than raw JSON. The bundled script prints the full JSON to stdout (so the agent must parse that output as instructed). The only scope-expanding behavior is the optional fallback read of ~/.openclaw/.env (declared in metadata and documented in SKILL.md).
Install Mechanism
This is instruction-only with a small Python script. There is no remote download; the only dependency is the public httpx package (the script prints an instruction to pip-install it if missing). No high-risk install actions found.
Credentials
Only AI_GATEWAY_API_KEY is required (primary credential). Optional env vars for host and SSL are reasonable. The script does read ~/.openclaw/.env by default as a fallback which can contain other keys shared among skills — this behavior is declared in metadata and SAFETY notes, but you should avoid using the shared file in production (set AI_GATEWAY_NO_ENV_FILE=true and provide the API key via environment variable).
Persistence & Privilege
No always:true, no installation changes, and the skill does not modify other skills or system-wide settings. It only reads config and makes an outbound request to the declared API host.
Assessment
This skill appears to do what it says: it issues a POST to /api/device/list and requires only AI_GATEWAY_API_KEY and Python. Before installing: 1) Use a minimal-privilege API key scoped to device-list operations. 2) Prefer passing AI_GATEWAY_API_KEY via environment variable and set AI_GATEWAY_NO_ENV_FILE=true to avoid the shared ~/.openclaw/.env fallback (the skill documents this). 3) Verify AI_GATEWAY_HOST is the expected trustworthy domain and do not disable TLS in production. 4) Expect the script to print raw JSON — the agent is instructed to parse and format it; confirm your agent enforces that display rule. 5) The script may ask you to pip-install httpx if missing. If you need higher assurance, review network traffic or run the script in an isolated environment with a test API key first.Like a lobster shell, security has layers — review code before you run it.
latestvk97bgvxa4qd5hqd6qbd8g7y2ah84eys4
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
Binspython3
EnvAI_GATEWAY_API_KEY
Primary envAI_GATEWAY_API_KEY