小米家居 (Xiaomi Home)
Suspicious
Audited by ClawScan on May 10, 2026.
Overview
The Xiaomi device-control purpose is clear, but the package ships private-looking Xiaomi device tokens and encourages storing such tokens in agent-readable reference files.
Do not install this package as-is. First remove the populated private device file, rotate or reset the exposed Xiaomi tokens, and only keep your own device tokens in a private, non-published secret store or config file. Review commands carefully before allowing the agent to control appliances.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent or anyone with the artifact could try to use exposed credentials for devices that may not belong to the installer, and the original device owner’s secrets are exposed.
The published artifact contains a private device inventory with real-looking LAN addresses and Xiaomi device tokens, which are credentials for controlling those devices.
"# My Private Xiaomi Devices (Sensitive)" / "DO NOT PUBLISH THIS FILE." with rows such as "热水器 (Plug) | 192.168.28.214 | 181f7c04…e6c3a | cuco.plug.v3"
Remove the private device file from the package, rotate or reset all exposed Xiaomi device tokens, and require each user to provide their own tokens through private configuration or a secret store.
Your smart-home tokens could remain in context or files the agent can read later, increasing the chance of accidental disclosure or unintended device control.
The skill directs users to keep sensitive device tokens in agent-readable reference files; the included private inventory demonstrates that these secrets can persist in the skill package and be reused across tasks.
Add your devices here to help the agent remember their IPs and Tokens.
Do not store live tokens in publishable reference files. Use a private, excluded config file or secret manager, and document clear retention and deletion steps.
A mistaken command, wrong token, or wrong device mapping could turn appliances on or off or change device settings.
The skill intentionally exposes raw miiocli/MIOT property manipulation for device control. This matches the stated purpose, but it can change the state of physical appliances.
`miiocli miotdevice --ip <IP> --token <TOKEN> raw_command set_properties ...`
Confirm the target device and action before running commands, and prefer whitelisted device/property mappings for safety-sensitive appliances.
Installation depends on external package sources and may behave differently across systems, especially because the command uses a macOS-style path despite no OS restriction.
The embedded setup command installs packages from the Python ecosystem without exact version pins or hashes. This is expected for a miiocli-based skill, but users should recognize the dependency trust boundary.
pipx install python-miio && /Users/$(whoami)/.local/pipx/venvs/python-miio/bin/python -m pip install 'click<8.1.0'
Install in an isolated environment, verify the python-miio source, and prefer pinned versions or lockfiles.
