Back to skill
Skillv1.0.8
VirusTotal security
小度控制 · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 30, 2026, 6:05 AM
- Hash
- 498f790b429a206e4eca8a4b2ff49d44b631d1819c8458b044c2f939ec77f752
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: xiaodu-control-official Version: 1.0.8 The xiaodu-control-official skill bundle is a legitimate integration for managing Xiaodu (DuerOS) smart screens and IoT devices via the Model Context Protocol (MCP). It provides a suite of Bash and Python scripts (e.g., control_iot.sh, speak.sh, device_resolver.py) that wrap the mcporter CLI to perform device discovery, media playback, and home automation tasks. While the skill includes sensitive capabilities such as camera access (take_photo.sh) and media pushing, these are documented features of the target hardware. The bundle includes extensive documentation, security best practices for token management, and lacks any indicators of data exfiltration, unauthorized persistence, or malicious intent.
- External report
- View on VirusTotal