Ezviz Open Camera Config
v1.0.1萤石设备配置技能。支持 9 个设备配置 API,包括布防/撤防、镜头遮蔽、全天录像、移动侦测灵敏度等。 Use when: 需要远程配置萤石设备参数、修改设备布防状态、调整设备功能开关。 ⚠️ 安全要求:必须设置 EZVIZ_APP_KEY 和 EZVIZ_APP_SECRET 环境变量,使用最小权限凭证。
⭐ 1· 256·0 current·0 all-time
byEzvizOpenTeam@ezviz-open
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description, required env vars (EZVIZ_APP_KEY, EZVIZ_APP_SECRET, EZVIZ_DEVICE_SERIAL), and included code (device_config.py + token_manager.py) all correspond to calling Ezviz Open API endpoints (openai.ys7.com) to configure device settings. No unrelated credentials, binaries, or network hosts are requested.
Instruction Scope
Runtime instructions and code limit actions to: obtaining an access token, calling the documented Ezviz lapp APIs for device configuration, and printing results. The skill will fallback to reading ~/.openclaw/config.json (and two other OpenClaw paths) for a channels.ezviz entry if env vars are unset — this is documented in SKILL.md. Because it can read those files, it may access config files that also contain other service entries, but the code only extracts channels.ezviz fields.
Install Mechanism
No install spec / external downloads. Dependency is only 'requests' (pip). Code is bundled with the skill; there is no remote fetch or archive extraction. This is a low-risk installation mechanism.
Credentials
Required environment variables (app key/secret and device serial) are appropriate for this API client. The skill also uses a token cache controlled by EZVIZ_TOKEN_CACHE and may read OpenClaw channel config files as a fallback — these behaviors are proportional but worth noting because fallback file reads can expose credentials in shared config files if present.
Persistence & Privilege
always:false (no forced installation). The skill writes a token cache to /tmp/ezviz_global_token_cache/global_token_cache.json and sets file permissions to 0600; this is scoped to caching tokens for efficiency and does not modify other skills or system-wide agent settings.
Assessment
This skill appears to be what it says: an Ezviz device configuration helper. Before installing, follow these precautions: 1) Use a dedicated Ezviz AppKey/AppSecret with minimal permissions (do not reuse a master account key). 2) Prefer setting EZVIZ_APP_KEY, EZVIZ_APP_SECRET, and EZVIZ_DEVICE_SERIAL environment variables to avoid the fallback config-file read. 3) If you do not want any disk-cached tokens, set EZVIZ_TOKEN_CACHE=0; otherwise token JSON will be stored at /tmp/ezviz_global_token_cache/global_token_cache.json (file mode 0600). 4) Review ~/.openclaw/* config files to ensure they don't contain unrelated high-value credentials before allowing this skill to read them. 5) Optionally audit the included scripts (scripts/device_config.py and lib/token_manager.py) yourself to confirm behavior matches your security requirements.Like a lobster shell, security has layers — review code before you run it.
latestvk97dz190d4yjkx2g2c71skakgn835rrs
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
⚙️ Clawdis
EnvEZVIZ_APP_KEY, EZVIZ_APP_SECRET, EZVIZ_DEVICE_SERIAL
Primary envEZVIZ_APP_KEY