Skill v1.0.8

ClawScan security

小度控制 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 18, 2026, 3:53 AM
Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary
This skill's files, required tools, and runtime instructions are coherent with its stated purpose of controlling 小度 smart screens and IoT devices; nothing in the package requests unrelated credentials or attempts hidden network exfiltration.
Guidance
This skill appears coherent: it needs mcporter and an ACCESS_TOKEN to talk to your 小度 MCP servers and uses local scripts to run mcporter calls. Before installing:
1) Treat ACCESS_TOKEN like any sensitive token — give it least privilege and ensure it is stored only in your mcporter config (not pasted into chats).
2) Review ~/.mcporter/mcporter.json to confirm the configured servers and headers.
3) Be aware that the IoT path uses `npx -y dueros-iot-mcp`, which will download and run an npm package the first time — if you require tighter supply-chain control, preinstall and vet that package locally.
4) The skill will write device snapshots to a workspace directory (default ~/.openclaw/workspace/xiaodu-control); remove or secure those files if they contain data you don't want saved.
5) When using resource URLs (images/videos), only provide trusted URLs — the device or MCP may fetch them.
If you want extra assurance, run the included test-cases locally (as documented) with a throwaway token or in a controlled environment first.

Review Dimensions

Purpose & Capability
Rating: ok
Name/description match the actual behavior: scripts and docs all revolve around mcporter-based control of 智能屏 (smart screen) and xiaodu-iot. Required binaries (mcporter, python3, bash, npx) and one env var (ACCESS_TOKEN) are appropriate for connecting to MCP servers and the dueros-iot-mcp stdio server.
Instruction Scope
Rating: ok
SKILL.md and scripts confine actions to: probing MCP endpoints, listing devices, resolving device IDs, and issuing mcporter calls for media and IoT control. Scripts reference ~/.mcporter/mcporter.json and a workspace directory for snapshots — expected for this integration. There are no instructions to read unrelated system secrets, exfiltrate logs to external domains, or call unexpected endpoints outside the MCP flow.
Install Mechanism
Rating: note
There is no explicit install spec; the skill is distributed as scripts and docs (no packaged binary). The documented use of npx (dueros-iot-mcp) will perform an on-demand npm download at runtime when the IoT stdio server is started; this is expected for the dueros-iot integration but does carry the usual risk of running code fetched from npm. The package otherwise does not download arbitrary archives or use shortened/untrusted URLs.
Credentials
Rating: ok
The only required environment input is ACCESS_TOKEN, which aligns with the MCP authentication model described. The skill legitimately reads mcporter configuration (default ~/.mcporter/mcporter.json) to obtain server definitions; that is expected but means the skill uses whatever tokens or headers are present in the user's mcporter config. No unrelated credentials or high-privilege env vars are requested.
Persistence & Privilege
Rating: note
The skill does not request always:true and openai.yaml disables implicit invocation. Scripts write device snapshots to a workspace (default ~/.openclaw/workspace/xiaodu-control) and may create JSON/Markdown there — this is expected for caching and diagnostics, but you should be aware that device identifiers and statuses will be written to disk. The skill does not modify other skills or system-wide settings.