Hik Cloud Device Group Management
v1.0.0调用海康云眸开放平台设备分组管理接口,包括新增组、删除组、更新组、查询组织详情、查询所有组织、查询下级组和设备转移分组。用户提到设备组织、设备分组、groupNo、groupId、parentNo、设备转组等场景时使用。本技能自动处理 access_token 获取与刷新,不向用户暴露 token 调用流程。
⭐ 0· 70·0 current·0 all-time
byhik-cloud-open@liunian1010
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The name/description match the included Python script and reference docs. Requested binaries (python3) and required env vars (HIK_OPEN_CLIENT_ID, HIK_OPEN_CLIENT_SECRET) are exactly what a client-credentials-based Hik-Cloud integration would need. Endpoints and operations in the SKILL.md align with the API paths in references and the script.
Instruction Scope
Runtime instructions stay within the stated scope (create/delete/update/get/list/device-transfer). The script reads environment variables, accepts an explicit --access-token, and caches tokens to a filesystem path (~/.cache/hik_open/token.json). Caching tokens to disk is expected for this workflow but is a privacy/operational consideration (token stored in plaintext unless the runtime secures the file).
Install Mechanism
No install spec; this is instruction-only with an included Python script. Nothing is downloaded from remote URLs or extracted. Risk from installation is low because no external installers or arbitrary downloads are present.
Credentials
The skill requires only HIK_OPEN_CLIENT_ID and HIK_OPEN_CLIENT_SECRET (primaryEnv is the client secret), which is proportional to obtaining an OAuth token for the Hik-Cloud API. It also optionally uses HIK_OPEN_ACCESS_TOKEN and HIK_OPEN_BASE_URL. The only caution: the resulting access_token is cached to disk by default, so the secret indirectly leads to persisted tokens; consider this when using the skill in shared environments.
Persistence & Privilege
always:false and normal autonomous invocation are set. The skill persists only its own token cache file and does not attempt to modify other skills or system-wide agent settings. No elevated or global privileges are requested.
Assessment
This skill appears coherent and implements the documented Hik-Cloud device-group operations. Before installing: (1) Treat HIK_OPEN_CLIENT_SECRET as sensitive — provide it via the sandboxed credential mechanism rather than pasting into chat or shared shells. (2) Be aware the script caches access_token to ~/.cache/hik_open/token.json in plaintext; on multi-user or shared systems, either change the cache path to a secure location or pass an explicit --access-token that you manage, and remove the cache after use. (3) Verify the base URL (HIK_OPEN_BASE_URL or --base-url) if you need to target a staging environment. (4) Audit network egress policies if you run this in a secure environment. No other inconsistencies or hidden endpoints were detected.Like a lobster shell, security has layers — review code before you run it.
latestvk974b62xtzah8jfy3p1q3x91c583gea6
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
🗂️ Clawdis
Binspython3
EnvHIK_OPEN_CLIENT_ID, HIK_OPEN_CLIENT_SECRET
Primary envHIK_OPEN_CLIENT_SECRET