SmartEye - Agent的眼睛
v3.0.0Control and analyze ONVIF PTZ IP cameras to capture frames, view streams, find objects, and perform pan-tilt-zoom movements using configured camera aliases.
⭐ 2· 145·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description match the implementation: code implements ONVIF/PTZ control, RTSP snapshot capture (opencv), VLC launching, and multi-camera snapshot search. No unrelated environment variables, external cloud credentials, or surprising binaries are requested; camera credentials are provided via the local camera-devices.json config as expected for this purpose.
Instruction Scope
SKILL.md describes the same behaviors the code implements: copying a bundled template to ~/.openclaw/workspace/camera-devices.json, reading camera credentials from that file, taking snapshots, opening RTSP in VLC, and producing snapshot paths for AI/image analysis. The runtime instructions and code do not read unrelated system files or hidden endpoints. They do perform network requests to the camera hosts specified in the config (expected for camera control).
Install Mechanism
No install spec is present (the package relies on included code and a pyproject listing opencv-python). This is consistent with a local skill bundle, but the SKILL.md earlier said "instruction-only" while the package includes code—this is an informational mismatch (not necessarily malicious). There are no download-from-URL installs or obscure external installers.
Credentials
The skill requests no environment variables or external credentials. It does require plaintext camera credentials stored in camera-devices.json (username/password per camera) which is proportional and expected for direct device control. The README warns about replacing example passwords and keeping the file on an internal network. No unrelated secrets are requested or embedded.
Persistence & Privilege
always:false and the skill does not request system-wide privileges. It copies a bundled template into the user's workspace path (~/.openclaw/workspace) on first run (documented), which is reasonable. The skill does not modify other skills' configs or enable itself globally.
Assessment
This skill appears to do exactly what it says: control ONVIF PTZ cameras and capture frames. Before installing, consider: 1) camera credentials are stored in camera-devices.json in your workspace—replace example passwords and protect that file (file permissions, do not expose it to others); 2) ONVIF/RTSP traffic is usually plaintext—use only on a trusted internal network and do not expose cameras to the public Internet; 3) snapshots are saved locally and the skill instructs the agent to use an image tool to analyze them—if your agent's image tool sends images to external services, those captured frames could be transmitted off-host; 4) the code disables SSL verification in places for convenience (common in device tooling) — this reduces transport authenticity but is typical for local device control; 5) SKILL.md describes an "instruction-only" skill but the package includes code and a dependency on opencv-python; ensure your environment can satisfy opencv and you are comfortable running the packaged code. If you need stronger guarantees, review/inspect the included Python files locally (they are bundled with the skill) and ensure camera-devices.json uses correct internal IPs and secure passwords.Like a lobster shell, security has layers — review code before you run it.
latestvk97bmvay52tka6ab5nwq4vhyb584q6r8
License
MIT-0
Free to use, modify, and redistribute. No attribution required.