Tapo
Pass
Audited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill
Name: tapo
Version: 0.3.0

The skill provides a legitimate interface for controlling TP-Link Tapo smart home devices via the Model Context Protocol (MCP). It uses the `mcporter` utility to communicate with a user-hosted Tapo MCP server, with clear documentation in `SKILL.md` and `references/setup.md` regarding configuration and security practices (e.g., using Bearer tokens and setting file permissions). No indicators of data exfiltration, malicious execution, or harmful prompt injection were found.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If invoked incorrectly, the agent could turn devices on or off, change lights, or capture a camera image.
The skill intentionally exposes tools that can change physical smart-home device state and capture camera stills. This is aligned with the stated purpose, but it is sensitive functionality.
`control_device` | Control a device by applying one or more set capabilities. ... `take_snapshot` | Capture a still JPEG snapshot from a Tapo camera (~640x360).
Use this only with trusted agents and require clear user intent before controlling devices or taking snapshots.
Compromise or mishandling of these credentials could allow unauthorized access to Tapo devices or camera snapshots.
The referenced MCP server requires Tapo account credentials and may require separate camera credentials. These are expected for the integration but grant access to home devices and cameras.
`TAPO_MCP_USERNAME` | Yes | — | Tapo account email ... `TAPO_MCP_PASSWORD` | Yes | — | Tapo account password ... `TAPO_MCP_CAMERA_PASSWORD` | No | — | Camera account password
Store credentials as secrets, enable a strong MCP bearer token, restrict local config file permissions, and rotate credentials if exposed.
If the MCP server is reachable without authentication, other local clients or agents could potentially invoke device-control or camera tools.
The MCP server is an HTTP tool endpoint for home devices. Authentication is supported and recommended, but the server can run without it if the API key is omitted.
When `TAPO_MCP_API_KEY` is set, the server requires all HTTP requests to include an `Authorization: Bearer <key>` header. ... When the variable is unset ... the server runs without authentication.
Always set `TAPO_MCP_API_KEY`, keep the server bound to a trusted interface, and avoid exposing it beyond the trusted local network.
A changed or compromised upstream image could affect code that handles Tapo credentials and device control.
The setup guide uses a floating `latest` container image for the external MCP server. This is a user-directed, purpose-aligned dependency, but the exact code version can change over time.
ghcr.io/mihai-dinculescu/tapo-mcp:latest
Pin the MCP server image to a reviewed version or digest and monitor the upstream project before providing credentials.
