jf-open-pro-camera-config
v1.0.0面向开发者控制杰峰设备相关配置,支持动检检测开关和灵敏度设置、人形检测开关和检测灵敏度、人形追踪开关和追踪灵敏度等。触发词:摄像机配置、动检设置、人形检测、人形追踪、灵敏度配置。
⭐ 0· 61·0 current·0 all-time
byJFTECH@jufengcloud
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description match the code and SKILL.md: the script uses JF_* credentials to call JFTech API endpoints to get/set motion-detect, human-detection, and human-track configs. The requested environment variables map to what the API calls need (uuid/appKey/appSecret/moveCard/device SN/endpoint/channel).
Instruction Scope
Runtime instructions limit activity to reading environment variables and calling the declared JFTech endpoints. Minor inconsistencies in the docs: README examples reference a Node.js script that is not included, and SKILL.md lists JF_SN as optional in one place but marks it required in another. These are documentation issues but not evidence of malicious behavior.
Install Mechanism
No install spec; the skill is instruction-plus-script only. No downloads or archive extraction are performed by an installer, so no high-risk install mechanism is present.
Credentials
The skill requests only the API credentials and device identifiers needed to authenticate and address the device (JF_UUID, JF_APPKEY, JF_APPSECRET, JF_MOVECARD, JF_SN, optional endpoint/channel). No unrelated secrets or broad system credentials are requested.
Persistence & Privilege
The skill is not always-enabled and does not request elevated or cross-skill configuration changes. It does not persist beyond its own files; autonomous invocation is allowed by platform default and is not excessive here.
Assessment
This skill appears coherent for configuring JFTech cameras, but review before use: (1) verify the API endpoint (api.jftechws.com / api-cn.jftech.com) are the official services you expect; (2) provide the required environment variables (uuid/appKey/appSecret/moveCard) only to trusted environments; (3) note small docs inconsistencies (README references a Node script not present; SKILL.md toggles whether JF_SN is required) — confirm whether your workflow needs JF_SN; (4) you can inspect the included Python script locally to satisfy yourself it only talks to the listed endpoints and doesn't write or exfiltrate unrelated data.Like a lobster shell, security has layers — review code before you run it.
latestvk97ddj62t5m236rcb4tavr1v6584cs8z
License
MIT-0
Free to use, modify, and redistribute. No attribution required.