Xiaozhi Mcp Server
v2.0.8让小智智能盒子连接OpenClaw,成为你的智能语音助手
⭐ 0· 195·1 current·1 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidencePurpose & Capability
The code implements an HTTP /mcp endpoint, a WebSocket /ws endpoint, token generation under ~/.config/openclaw-mcp/token, and a run_agent tool that calls the local 'openclaw agent' CLI — all consistent with a MCP server that forwards Xiaozhi voice input to OpenClaw. Minor incoherence: package.json lists Python packages under npm-style dependencies and the project expects a system 'openclaw' CLI which is not declared in metadata.
Instruction Scope
SKILL.md only instructs running scripts/start.sh and configuring the device; actual start.sh will create config.yaml if missing, interactively prompt for target_session, auto-generate a token file, and may install Python deps. The runtime server reads/writes files under the user's home (~/.config/openclaw-mcp) and runs the 'openclaw' CLI — these are within scope for this integration but are not fully documented in SKILL.md.
Install Mechanism
There is no formal install spec in registry metadata (instruction-only), but scripts/start.sh can auto-install Python packages using pip3 with --break-system-packages (global install). That modifies the host Python environment without isolating dependencies (no virtualenv). The script also queries an external service (ifconfig.me) to determine public IP and prints it; contacting that external endpoint on start is a modest privacy/operational concern.
Credentials
The skill does not declare required credentials or config paths beyond its own ~/.config/openclaw-mcp token and a local config.yaml. The code uses an optional environment variable XIAOZHI_MCP_PORT to override the port; this is proportional. No unrelated third-party credentials are requested.
Persistence & Privilege
always is false and the skill does not request elevated platform privileges. It writes state under the user's config directory (~/.config/openclaw-mcp) and creates PID/log files in /tmp — behavior consistent with a userland service. It does not modify other skills or system-wide agent settings.
Assessment
This skill appears to do what it says (bridge Xiaozhi to OpenClaw), but review a few things before installing: 1) inspect scripts/start.sh — it may auto-install Python packages globally using pip3 --break-system-packages; consider running inside a virtualenv or container instead. 2) ensure you trust and have the 'openclaw' CLI installed (server.py calls 'openclaw agent'); otherwise the service will fail. 3) start.sh contacts ifconfig.me to fetch a public IP at startup (no data exfiltration visible, but it's an external network call). 4) check the generated token file at ~/.config/openclaw-mcp/token and the target_session setting to avoid accidentally delivering replies to the wrong account. 5) the package.json metadata is slightly inconsistent (lists Python deps), which looks like sloppy packaging but not necessarily malicious. If you need higher assurance, ask the author for a packaged install or run the server in an isolated environment and audit runtime behavior (network endpoints, spawned processes).Like a lobster shell, security has layers — review code before you run it.
latestvk973ya1ma8ptwzbe3weq4sh6g583dq00
License
MIT-0
Free to use, modify, and redistribute. No attribution required.