ClawHub

Tuya Smart Home

v1.0.0

Control Tuya/Smart Life smart home devices including pet feeders, lights, plugs, curtains via cloud API or local network. Use when: (1) controlling smart hom...

0· 469·4 current·4 all-time
by@rachelchoo1212
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description, SKILL.md, reference doc, and the two Python scripts are all consistent: they implement cloud API access (tuya-connector) and local control/scan (tinytuya). Nothing requested or installed is unrelated to controlling Tuya/Smart Life devices.
Instruction Scope
Runtime instructions and scripts only perform expected actions: scan local network (tinytuya.deviceScan), query cloud API endpoints, retrieve device info (including local_key) and send device commands. The instructions do not reference unrelated files, credentials, or external endpoints beyond Tuya API domains and local device IPs.
Install Mechanism
This is an instruction-only skill with bundled scripts; dependencies are standard public Python packages (tinytuya, tuya-connector-python) installed via pip. No arbitrary downloads or extract/install steps are present.
Credentials
The registry metadata declares no required env vars, and the scripts accept credentials via CLI flags rather than environment variables. This is reasonable, but be aware you will need to supply ACCESS_ID/ACCESS_SECRET (cloud) or DEVICE_ID/LOCAL_KEY/IP (local). The skill does not request unrelated credentials.
Persistence & Privilege
always is false and the skill does not request persistent system privileges or modify other skills or system-wide settings. The default ability for the agent to invoke the skill autonomously is not combined with other red flags here.
Assessment
This skill appears to do what it says: control Tuya devices via cloud or local network. Before installing: (1) inspect or run the included scripts in a safe environment if you have doubts (the source is bundled and readable); (2) only provide your Tuya ACCESS_ID/ACCESS_SECRET or LOCAL_KEY/IP when needed and to a trusted runtime — these are real credentials that grant device control; (3) be aware the scan will probe your local network to find Tuya devices; and (4) the scripts use public pip packages (tinytuya, tuya-connector-python) — consider auditing those packages or installing in an isolated virtualenv. If you want tighter control, prefer local mode and avoid giving cloud credentials to untrusted hosts or agents.

Like a lobster shell, security has layers — review code before you run it.

latestvk97cn6484qjym6qen4exk0bpf1822kdp
469downloads
0stars
1versions
Updated 1mo ago
v1.0.0
MIT-0
@rachelchoo1212
latest
Download

Tuya Smart Home

Control any Tuya/Smart Life device via cloud API or local network.

Dependencies

pip3 install tinytuya tuya-connector-python

Configuration

Two control modes available:

Cloud Mode

Requires Tuya IoT Platform credentials from https://iot.tuya.com:

  • ACCESS_ID — from Cloud Project
  • ACCESS_SECRET — from Cloud Project
  • REGION — cn (China), us (Americas/SEA), eu (Europe), in (India)

Local Mode (Recommended)

Requires device info (obtain via cloud API first):

  • DEVICE_ID — device identifier
  • LOCAL_KEY — device encryption key
  • IP — device local IP address
  • VERSION — protocol version (usually 3.4)

Quick Start

Scan for devices on local network

python3 scripts/tuya_scan.py

Get device info (cloud)

python3 scripts/tuya_control.py --mode cloud --action info \
  --device-id DEVICE_ID \
  --access-id ACCESS_ID --access-secret ACCESS_SECRET --region cn

Query device status

# Cloud
python3 scripts/tuya_control.py --mode cloud --action status \
  --device-id DEVICE_ID \
  --access-id ACCESS_ID --access-secret ACCESS_SECRET --region cn

# Local
python3 scripts/tuya_control.py --mode local --action status \
  --device-id DEVICE_ID --ip IP --local-key KEY

Send command

# Cloud — feed pet 1 portion
python3 scripts/tuya_control.py --mode cloud --action send \
  --device-id DEVICE_ID --code manual_feed --value 1 \
  --access-id ACCESS_ID --access-secret ACCESS_SECRET --region cn

# Local — feed pet 1 portion
python3 scripts/tuya_control.py --mode local --action send \
  --device-id DEVICE_ID --ip IP --local-key KEY \
  --dp-id 3 --value 1

# Turn on light
python3 scripts/tuya_control.py --mode cloud --action send \
  --device-id DEVICE_ID --code switch_led --value true \
  --access-id ACCESS_ID --access-secret ACCESS_SECRET --region cn

# Open curtain
python3 scripts/tuya_control.py --mode cloud --action send \
  --device-id DEVICE_ID --code control --value open \
  --access-id ACCESS_ID --access-secret ACCESS_SECRET --region cn

Common Device Commands

DeviceCodeValuesDescription
Pet Feedermanual_feed1-12Feed N portions
Pet Feederquick_feedtrueQuick feed
Pet Feederlighttrue/falseNight light
Lightswitch_ledtrue/falseOn/off
Lightbright_value10-1000Brightness
Lighttemp_value0-1000Color temperature
Plugswitch_1true/falseOn/off
Curtaincontrolopen/stop/closeMovement
Curtainpercent_control0-100Position %

China Region Note

China data center (openapi.tuyacn.com) blocks non-China IPs by default. Solutions:

  1. Add your IP to whitelist in Tuya IoT Platform → Project → IP Whitelist
  2. Use local mode (bypasses cloud entirely, recommended)

API Reference

For detailed API documentation, DP code tables, and setup guide, see references/tuya_api.md.

Comments

Loading comments...