ClawHub

查询设备事件

v1.0.0

调用 ai-open-gateway 的事件查询接口 POST /api/event/query,支持自然语言查询设备事件,返回 AI 摘要和事件列表。Use when: 需要查询设备检测到的事件、了解某段时间内的活动情况,例如有没有人出现、有没有车开过、我的猫去哪里了等自然语言问题。⚠️ 需设置 AI_GATE...

0· 94·0 current·0 all-time
by@maydayily
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description, required binary (python3), and required env var (AI_GATEWAY_API_KEY) align with calling an HTTP API to query device events. Declared fallback config path (~/.openclaw/.env) is documented in SKILL.md and used by the code.
Instruction Scope
SKILL.md confines behavior to POST /api/event/query and specifies strict presentation rules for the agent; the script only calls that endpoint and outputs JSON. Two inconsistencies to be aware of: (1) SKILL.md's display guidance mentions showing up to 10 events when >10 exist, but the script truncates events to MAX_EVENTS=3 before printing; (2) SKILL.md mandates stripping the 'xxxxS_' prefix from device_id for display, but the script does not modify device_id (it returns API JSON and expects the agent to format). These are implementation/coordination mismatches, not evidence of exfiltration.
Install Mechanism
No install spec; this is an instruction+script skill that depends on the third-party library httpx. The script checks for httpx and instructs the user how to pip install it rather than downloading arbitrary code. No external download URLs or archive extraction are used.
Credentials
Only AI_GATEWAY_API_KEY (primary credential) is required, which is proportionate to a gateway API call. The skill reads ~/.openclaw/.env as a documented fallback — this shared-file fallback is a convenience but raises a potential credential-sharing risk between co-located skills; SKILL.md explicitly warns to use environment variables in production and provides AI_GATEWAY_NO_ENV_FILE to disable the fallback. Also note AI_GATEWAY_VERIFY_SSL can disable TLS verification (documented as for dev only).
Persistence & Privilege
always is false and the skill does not modify other skills or system-wide configuration. It only reads a shared fallback file and environment variables; it does not write persistent settings or request elevated privileges.
Assessment
This skill appears to do what it says: call the AI gateway event query API and return JSON for the agent to format. Before installing, ensure you: (1) provide a minimal-privilege AI_GATEWAY_API_KEY (event-query-only key if possible); (2) prefer passing the key via environment variables and set AI_GATEWAY_NO_ENV_FILE=true to avoid the shared ~/.openclaw/.env fallback; (3) verify AI_GATEWAY_HOST points to the expected trusted domain; (4) do not set AI_GATEWAY_VERIFY_SSL=false in production; and (5) be aware the SKILL.md presentation rules (e.g., stripping device_id prefixes, link formatting, and maximum display counts) are the agent's responsibility — the shipped script truncates results to 3 items, which differs from a 10-item display rule in the docs, so confirm the display behavior you expect.

Like a lobster shell, security has layers — review code before you run it.

latestvk972374gnk5petgmr59mjseqs983eys8

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

Binspython3
EnvAI_GATEWAY_API_KEY
Primary envAI_GATEWAY_API_KEY

Comments