ClawHub

查询设备的状态

v1.0.5

调用 ai-open-gateway 的设备状态查询接口 POST /api/device/status,批量查询设备在线或离线状态。Use when: 需要检查设备是否在线、批量监控设备状态。⚠️ 需设置 AI_GATEWAY_API_KEY。

0· 118·0 current·0 all-time
by@maydayily
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the implementation: the script calls /api/device/list and /api/device/status on an ai-open-gateway host. Declared requirements (python3, AI_GATEWAY_API_KEY) are appropriate for this functionality.
Instruction Scope
SKILL.md instructs the agent to run the included script, parse its JSON output and present a formatted table. The instructions and the script reference only the API key, optional host/SSL flags, and the fallback ~/.openclaw/.env file — all relevant to querying device status. There is no unrelated file access or network exfiltration in the instructions.
Install Mechanism
No install spec — instruction-only plus an included Python script. The script depends on the public httpx package (standard ecosystem dependency). Nothing is downloaded from arbitrary/unknown URLs or installed to unexpected locations.
Credentials
Only AI_GATEWAY_API_KEY is required (primary credential), with optional AI_GATEWAY_HOST/AI_GATEWAY_VERIFY_SSL/AI_GATEWAY_NO_ENV_FILE. The script supports a fallback read of ~/.openclaw/.env (declared in metadata). This is functionally reasonable but has a security implication: the shared .env file is readable by other skills for the same user. SKILL.md explicitly warns to prefer environment variables and to set AI_GATEWAY_NO_ENV_FILE=true in production; follow that guidance.
Persistence & Privilege
always:false and no attempts to modify other skills or system-wide agent configuration. The script only reads configuration and makes outbound requests to the declared gateway endpoints.
Assessment
This skill is coherent with its purpose, but before installing: 1) Provide a minimal-permission API key (only device-status access). 2) Avoid relying on the shared fallback file ~/.openclaw/.env in production — set AI_GATEWAY_NO_ENV_FILE=true and pass the key via environment variable. 3) Verify AI_GATEWAY_HOST is a trusted domain (the script defaults to https://ai-open-gateway.closeli.cn). 4) Keep TLS verification enabled (do not set AI_GATEWAY_VERIFY_SSL=false in production). 5) Ensure python3 and the httpx package are available. If you cannot confirm the gateway host or appropriate key permissions, limit use or inspect network traffic to confirm behavior.

Like a lobster shell, security has layers — review code before you run it.

latestvk97bdgknypp00tq8g6a6beg21983f3r4

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

Binspython3
EnvAI_GATEWAY_API_KEY
Primary envAI_GATEWAY_API_KEY

Comments