Hik Cloud Device Alarm Capability Management
v1.0.0调用海康云眸开放平台设备报警能力管理接口,包括获取常规报警能力列表、修改报警能力状态和设置智能检测开关。用户提到报警能力、移动侦测、视频遮挡、区域入侵、智能检测开关等场景时使用。本技能自动处理 access_token 获取与刷新,不向用户暴露 token 调用流程。
⭐ 0· 76·0 current·0 all-time
byhik-cloud-open@liunian1010
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description match the requested artifacts: python3, HIK_OPEN_CLIENT_ID, and HIK_OPEN_CLIENT_SECRET are appropriate for calling Hik-Cloud OAuth and the documented APIs. No unrelated services or credentials are requested.
Instruction Scope
SKILL.md instructs running the included Python script, documents the exact endpoints and parameters, and limits operations to listing/setting alarm capabilities and intelligence switch. It does not instruct reading unrelated files or sending data to third-party endpoints.
Install Mechanism
No install script or remote downloads; this is instruction+embedded script only. The runtime relies on system python3 and included code, which is low-risk compared with remote installs.
Credentials
Requested env vars (client id/secret) are proportionate for OAuth. The skill optionally reads HIK_OPEN_ACCESS_TOKEN and will cache tokens to ~/.cache/hik_open/token.json — this is expected but means an access token will be persisted on disk. Consider whether you want tokens stored locally and ensure appropriate file permissions.
Persistence & Privilege
always:false (normal). The script persists a token cache under the user's home (~/.cache/hik_open/token.json) and may create that directory; this is reasonable for token reuse but is persistent state to be aware of.
Assessment
This skill appears to do exactly what it says: call Hik-Cloud APIs to list and modify alarm capabilities. Before installing, consider: (1) you must supply HIK_OPEN_CLIENT_ID and HIK_OPEN_CLIENT_SECRET — the skill will use these to obtain OAuth tokens and call the Hik-Cloud API; (2) an access token will be cached on disk at ~/.cache/hik_open/token.json — if you are concerned about token persistence, change the --token-cache-file or secure that path and rotate credentials after use; (3) if you run sessions in a sandbox, inject credentials via the sandbox config rather than relying on host env vars; (4) verify the base URL if you need to target a test environment (use --base-url or HIK_OPEN_BASE_URL); (5) avoid pasting secrets into chat — use environment variables. Overall the footprint is coherent and proportionate to the stated purpose.Like a lobster shell, security has layers — review code before you run it.
latestvk972xnq5epcp85sfc5nhd78f7983hp9m
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
🚨 Clawdis
Binspython3
EnvHIK_OPEN_CLIENT_ID, HIK_OPEN_CLIENT_SECRET
Primary envHIK_OPEN_CLIENT_SECRET