Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Closeli Open Device Event Query
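v1.0.0
Calls the ai-open-gateway event query endpoint POST /api/event/query, which supports natural-language queries over device events and returns an AI summary and an event list. Use when: you need to query events detected by a device or find out what happened during a given period, for example natural-language questions such as whether anyone appeared, whether a car drove past, or where my cat went. ⚠️ Requires setting AI_GATE...
by CloseliOpenTeam @closeli-open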
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description, required binary (python3), and the single required credential (AI_GATEWAY_API_KEY) are coherent with a device-event query skill. The script calls only the declared endpoint (/api/event/query) and uses Bearer auth as documented. Minor metadata mismatch: SKILL.md declares a fallback config path (~/.openclaw/.env) in its openclaw.requires.configPaths, but the top-level registry metadata says "Required config paths: none" — this is an inconsistency to be aware of.
Instruction Scope
SKILL.md enforces strict display/formatting rules (agent must reformat JSON, strip device_id prefix, produce Markdown links, limit displayed items) while the script purposely outputs raw JSON for the agent to parse. Functional mismatches: SKILL.md says "if there are more than 10 items, show only the first 10" (show up to 10) but the script truncates events to MAX_EVENTS=3. The device_id prefix removal and Markdown formatting are agent-side responsibilities (documented) but the instructions and implementation are not perfectly aligned.
Install Mechanism
No install spec (instruction-only) and a small Python script is provided. The script depends on the third-party httpx package; it will exit with a message if httpx is not installed (user must run pip). This is low to moderate risk but the dependency is not automatically installed and is not fetched from arbitrary URLs.
Credentials
Only AI_GATEWAY_API_KEY is required (appropriate), but the script will read a shared fallback file (~/.openclaw/.env) unless AI_GATEWAY_NO_ENV_FILE=true. That file is shared across skills and may expose credentials to other local skills; SKILL.md warns about this but the default behavior reads it. There is also an environment flag (AI_GATEWAY_VERIFY_SSL=false) that can disable TLS verification — dangerous if used in production. These behaviors increase risk if users do not follow the recommended mitigations.
Persistence & Privilege
Skill is not always-enabled and does not request elevated or persistent platform privileges. It does not modify other skills or system-wide settings. Autonomous invocation is allowed (platform default) but not combined with other high-risk factors here.
What to consider before installing
This skill appears to do what it says (call Closeli's ai-open-gateway /api/event/query) but take these precautions before installing: 1) Only provide a key with minimal (event-query) permissions. 2) Avoid putting your API key in ~/.openclaw/.env — prefer environment variables and set AI_GATEWAY_NO_ENV_FILE=true to disable the shared fallback. 3) Never set AI_GATEWAY_VERIFY_SSL=false in production. 4) Confirm the AI_GATEWAY_HOST points to a trusted domain. 5) Note the small mismatches: the script truncates events to 3 while SKILL.md describes a 10-item display rule, and SKILL.md requires agent-side formatting (prefix stripping/Markdown); ensure your agent will perform those steps rather than printing raw JSON. If you need absolute assurance, inspect or run the script in a controlled environment and test with a minimally-scoped API key before using it with production credentials.
Like a lobster shell, security has layers — review code before you run it.
latest: vk97cx9vasy308swdv8n3xc2pts84fj84
Runtime requirements
Bins: python3
Env: AI_GATEWAY_API_KEY
Primary env: AI_GATEWAY_API_KEY
