Hik-Cloud Device Basic Management (海康云眸设备基础管理)
Warn. Audited by ClawScan on May 10, 2026.
Overview
The skill is coherent for Hik-Cloud device management, but it can change/delete/reboot devices and can send credentials to a configurable API host, so it needs careful review before use.
Use this only with a trusted Hik-Cloud account and the official or otherwise trusted API base URL. Before allowing the agent to delete, rename, register, or reboot devices, require it to show the exact device serial and wait for explicit confirmation. Protect or periodically clear the local token cache.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
An agent could accidentally delete, rename, register, or reboot the wrong device if a user request is ambiguous.
The skill exposes mutating device operations, but only reboot is explicitly called out for reconfirmation; deletion and renaming can also materially affect the user's device account.
This skill handles only the following capabilities: - Register device - Delete device - Rename device ... - Reboot device ... Rebooting a device is a high-impact operation; reconfirm the device serial number before executing it.
Require explicit confirmation for every mutating action, especially delete and reboot, showing the device serial, target group/name, and expected impact before executing.
If a custom or malicious base URL is configured, the Hik client secret or access token could be sent to an unintended server.
The OAuth token request is built from the selected base URL and includes the client secret; the shown normalization does not restrict the host to Hik-Cloud domains.
def normalize_base_url(base_url: str) -> str: ... return normalized.rstrip("/") ... url=base_url.rstrip("/") + TOKEN_PATH ... "client_secret": client_secret
Restrict base URLs to trusted Hik-Cloud endpoints by default, require explicit user confirmation for custom hosts, and warn that custom hosts receive OAuth credentials.
Anyone or any local process with access to that cache file may be able to reuse the token until it expires.
The helper persists token data in a local cache file, which is disclosed and purpose-aligned but still stores account access material on disk.
DEFAULT_TOKEN_CACHE = Path.home() / ".cache" / "hik_open" / "token.json" ... cache_file.write_text(json.dumps(payload, ensure_ascii=False, indent=2), encoding="utf-8")
Use restrictive file permissions or a secure secret store for the token cache, and clear the cache when credentials should no longer be usable.
Users have less external provenance information to verify before granting Hik-Cloud credentials.
The package provenance is not documented, which matters more because the skill requires cloud credentials and can mutate device state.
Source: unknown; Homepage: none
Verify the publisher and compare the endpoints/behavior against official Hik-Cloud documentation before using production credentials.
This static finding is unlikely to affect normal skill use unless the tests are run.
The dynamic execution flagged by the static scanner is in test code that imports the local script under test, not in the documented runtime workflow.
SPEC.loader.exec_module(MOD)
No user action is needed for normal use; maintainers can suppress or document this test-only import pattern.
