Ipcam

This skill appears to be what it claims: ONVIF discovery, PTZ control and RTSP snapshot/recording. Before installing, consider the following: - Credentials: The installer creates ~/.config/ipcam/config.json which contains camera usernames/passwords in plaintext by default. Prefer environment variables (CAM_USER/CAM_PASS) or tighten permissions on the config file (chmod 600) and use a dedicated low-privilege camera account where possible. - Package installs: install.sh creates a local Python venv and runs 'pip install onvif-zeep' and may call apt-get or brew to install ffmpeg. These pull packages from standard registries (PyPI/apt/homebrew). If you require strict provenance, inspect the onvif-zeep package and its dependencies before allowing network installs. - Network behavior: Discovery uses WS-Discovery multicast (239.255.255.250) to scan your LAN and then connects to discovered camera IPs over ONVIF/RTSP. This is expected and limited to your local network; it does not contact external cloud endpoints in the provided code. - Permissions: install.sh may call sudo apt-get on Linux; be aware of privilege escalation during installation. Review the script before running it on a machine you don't control. - Origin: The registry metadata lists no homepage and the source is unknown. While the code is coherent and readable, if you require higher trust, request or inspect a published upstream repo or a maintainer identity. If those tradeoffs are acceptable (local network scanning, storing credentials locally unless you use env overrides, and allowing pip/apt/brew installs), the skill is consistent with its purpose.