jftech-open-pro-capture-livestream

v1.0.0

面向开发者杰峰设备 API 工具，支持批量获取杰峰设备实时画面，可多设备多通道抓图和直播地址获取。触发词：检查设备状态、查询设备、设备登录、设备抓图、直播地址、获取播放地址、批量抓图。

⭐ 0· 33·0 current·0 all-time

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for jftech/jftech-open-pro-capture-livestream.

Previewing Install & Setup.

Prompt PreviewInstall & Setup

Install the skill "jftech-open-pro-capture-livestream" (jftech/jftech-open-pro-capture-livestream) from ClawHub.
Skill page: https://clawhub.ai/jftech/jftech-open-pro-capture-livestream
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install jftech-open-pro-capture-livestream

ClawHub CLI

Package manager switcher

npx clawhub@latest install jftech-open-pro-capture-livestream

Security Scan

VirusTotal

Benign

View report →

OpenClaw

Suspicious

medium confidence

✓

Purpose & Capability

Name/description, required environment variables (JF_UUID, JF_APPKEY, JF_APPSECRET, JF_MOVECARD, optional device creds) and the Python implementation all align with a JF Tech device API client for token, capture, status, and livestream endpoints. No unrelated credentials or binaries are requested.

Instruction Scope

SKILL.md and README instruct running a local Python script and explicitly read only environment variables. However, the docs include a table entry claiming '不会执行本地代码' ('will not execute local code'), which contradicts the presence and usage instructions of scripts/jf_open_pro_capture_livestream.py. This inconsistency should be resolved (the provided code will execute locally and make outbound HTTPS calls). The runtime instructions otherwise reference only JF endpoints and env vars, not unrelated system files.

ℹ

Install Mechanism

The skill is instruction-only (no automated install spec). It ships a requirements.txt listing only 'requests', and the code checks for requests and exits with an error if missing. This is proportional but requires the user to run pip install manually; no high-risk download URLs or extract steps are present.

✓

Credentials

Requested environment variables are appropriate and necessary for the JF Tech API (platform uuid/appKey/appSecret and a signature offset). Optional device username/password are acceptable for device login flows. No unrelated keys or high-privilege cloud credentials are requested.

✓

Persistence & Privilege

The skill does not request 'always: true', does not claim to modify other skill or agent configs, and has no install-time persistence mechanism. Autonomous invocation is allowed (platform default) but not combined with other privilege escalations.

Scan Findings in Context

[pre-scan-injection-signals-none] expected: The provided static scan reported no injection or dangerous regex findings. The code mainly imports requests, builds signatures, and posts to JF endpoints; this matches the skill purpose.

What to consider before installing

This skill appears to implement a JF Tech API client and legitimately needs the JF-specific credentials it asks for, but there are documentation contradictions you should resolve before installing: SKILL.md claims it 'does not execute local code' while the package contains a runnable Python script that will execute locally and send credentials to JF endpoints. Actions to consider before installing: 1) Review the full Python file (including the truncated portion) to confirm there are no hidden endpoints, data-exfiltration calls, or unexpected behaviors. 2) Run the script in an isolated environment (VM/container) and monitor network traffic to confirm it only contacts expected jftech domains. 3) Only provide credentials with the minimum required privileges and avoid using high-privileged or reused secrets. 4) If you don't trust the source, do not run the script; request a trustworthy upstream or a vetted package. If you want, provide the rest of the script text and I can re-check the remaining code for any issues.

Like a lobster shell, security has layers — review code before you run it.

latestvk97d9fn95ftgv457behdzc0phh85mqt1

33downloads

0stars

1versions

Updated 1d ago

v1.0.0

MIT-0

JF Open Pro Capture Livestream

面向开发者杰峰设备 API 工具 (Python)

支持批量获取杰峰设备实时画面，可多设备多通道抓图和直播地址获取。

🔒 安全说明

仅支持环境变量存储凭据

方式	支持	说明
环境变量	✅ 支持	不会在进程列表中暴露，不会执行本地代码
命令行参数	❌ 不支持	避免凭据泄露风险
配置文件	❌ 不支持	避免代码执行风险

🚀 快速开始

设置环境变量

export JF_UUID="your-uuid"              # 开放平台用户唯一标识
export JF_APPKEY="your-appkey"          # 开放平台应用 Key
export JF_APPSECRET="your-appsecret"    # 开放平台应用密钥
export JF_MOVECARD=5                    # 签名算法偏移量 (0-9)
export JF_SN="your-device-sn"           # 设备序列号

使用技能

# 查询设备状态
python scripts/jf_open_pro_capture_livestream.py status

# 设备登录
python scripts/jf_open_pro_capture_livestream.py login

# 云抓图
python scripts/jf_open_pro_capture_livestream.py capture

# 获取直播地址
python scripts/jf_open_pro_capture_livestream.py livestream

# 获取 Token
python scripts/jf_open_pro_capture_livestream.py token

📋 环境变量

变量名	说明	必需	默认值
`JF_UUID`	开放平台用户唯一标识	是	-
`JF_APPKEY`	开放平台应用 Key	是	-
`JF_APPSECRET`	开放平台应用密钥	是	-
`JF_MOVECARD`	签名算法偏移量 (0-9)	是	-
`JF_SN`	设备序列号	是	-
`JF_USERNAME`	设备用户名	否	`admin`
`JF_PASSWORD`	设备密码	否	-
`JF_ENDPOINT`	API 端点	否	`api.jftechws.com`
`JF_KEEPALIVE`	保活时长（秒）	否	`300`

🛠️ 功能

获取设备 Token - 通过设备序列号获取 24 小时有效的访问令牌
设备登录认证 - 使用设备用户名/密码完成登录，获取 SessionID
查询设备状态 - 获取设备在线状态、休眠状态、认证状态、IP 信息等
设备云抓图 - 抓取设备实时图片（辅码流），图片地址有效期 24 小时
获取直播地址 - 获取设备直播流地址（HLS/RTMP/FLV/WebRTC 等），默认有效期 10 小时

📖 详细文档

1. 获取设备 Token

接口: POST /gwp/v3/rtc/device/token

响应:

{
  "code": 2000,
  "data": [{
    "sn": "YOUR_DEVICE_SN",
    "token": "ZTA3NTRiODMzNHw0OGRlOGMxYzFjMjBhNGEzfHwx..."
  }]
}

注意: Token 有效期 24 小时，可缓存复用。

2. 查询设备状态

接口: POST /gwp/v3/rtc/device/status

状态判定表:

status	wakeUpStatus	wakeUpEnable	设备状态
online	空	空	常电设备，在线
online	0	1	低功耗设备，已休眠
online	1	1	低功耗设备，已唤醒
online	2	1	低功耗设备，准备休眠中
notfound	空	空	设备不在线

3. 设备云抓图

接口: POST /gwp/v3/rtc/device/capture/{deviceToken}

注意:

⚠️ 按调用次数计费 - 详见官网定价
⚠️ 图片有效期 24 小时 - 过期自动清除，需及时下载

4. 获取直播地址

接口: POST /gwp/v3/rtc/device/livestream/{deviceToken}

支持协议:

协议	参数	适用场景
HLS	`hls-ts`	Web 浏览器、移动端（推荐）
FLV	`flv`	Web 播放器
WebRTC	`webrtc`	超低延迟（仅 H.264）
RTMP	`rtmp-flv`	微信小程序

注意:

⚠️ 直播地址默认有效期 10 小时
⚠️ 低功耗设备 - 获取后 3 秒内必须播放

⚠️ 错误处理

错误码	说明	解决方案
`2000`	成功	-
`4118`	连接超时	设备离线/休眠，稍后重试
`10001`	Token 无效	重新获取 Token
`10002`	设备未登录	调用 login 接口登录

📚 官方参考资料

杰峰开放平台: https://open.jftech.com/
API 文档: https://docs.jftech.com/
API 端点: api.jftechws.com (国际) / api-cn.jftech.com (中国大陆)

Comments

Loading comments...