Ecovacs Mcp

PassAudited by ClawScan on May 10, 2026.

Overview

This skill is a coherent Ecovacs robot-vacuum control integration, but users should understand it requires an Ecovacs API key, can control a real device, and runs an external MCP package.

This appears safe for its stated purpose if you want your assistant to control your Ecovacs vacuum. Before installing, verify the external ecovacs-robot-mcp package, protect the ECO_API_KEY, and consider requiring confirmation before the assistant starts, stops, or docks the robot.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Low

#ASI02: Tool Misuse and Exploitation

What this means

If enabled, the assistant can start, pause, stop, or dock the robot vacuum when it interprets a relevant user request.

Why it was flagged

The skill exposes tools that can change the state of a physical robot vacuum. This matches the skill's purpose, but users should notice that the assistant may issue real device commands.

Skill content

`start_cleaning` ... `act` `s` Start cleaning ... `act` `h` Stop cleaning; `control_recharging` ... `go-start` Return to charging dock

Recommendation

Enable only for an account and robot you want the assistant to control; consider requiring explicit confirmation before start/stop/dock actions.

Low

#ASI03: Identity and Privilege Abuse

What this means

Anyone with access to the configured API key may be able to interact with the user's Ecovacs account or robot through the MCP server.

Why it was flagged

The skill requires an Ecovacs API key tied to the user's account and account-bound robot devices. This is expected for the integration and no artifact shows credential logging or unrelated use.

Skill content

**API Key** (`ECO_API_KEY`) from [open.ecovacs.com](https://open.ecovacs.com)

Recommendation

Store the API key securely, use the least-privileged key available from Ecovacs, and rotate it if it is exposed.

Low

#ASI04: Agentic Supply Chain Vulnerabilities

What this means

The actual runtime behavior depends on the external ecovacs-robot-mcp package installed at configuration time.

Why it was flagged

The documented setup runs an external Python package that is not included in these artifacts and is not version-pinned in the shown MCP configuration. This is normal for an MCP wrapper, but users depend on that package's provenance.

Skill content

"command": "uvx", "args": ["--from", "ecovacs-robot-mcp", "python", "-m", "ecovacs_robot_mcp"]

Recommendation

Verify the package source before use and pin a trusted version if your MCP configuration supports it.