Iobroker Simple Api

v1.3.0

Full access to ioBroker via the iobroker simple-api adapter. Read states, objects, historical data, write to states, execute scripts, and more.

⭐ 1· 90·0 current·0 all-time

bySanweb@sanwebgit

Security Scan

VirusTotal

Suspicious

View report →

OpenClaw

Benign

high confidence

✓

Purpose & Capability

The skill implements HTTP calls to an ioBroker simple-api endpoint (get/set/query/exec/etc.), reads OpenClaw config for the ioBroker URL and optional Basic Auth, and lists/executes operations described in the README/SKILL.md. Declared capabilities (full ioBroker access) align with the code. The package dependency (ws) is plausible for subscriptions even if the visible code uses HTTP.

ℹ

Instruction Scope

SKILL.md and the implementation mostly match: commands map to HTTP endpoints on the simple-api adapter and the skill reads openclaw.json for configuration. Minor documentation mismatches: SKILL.md mentions detecting OPENCLAW_STATE_DIR and 'creating default config on first run', but the code only checks OPENCLAW_HOME and HOME-based fixed paths and does not write configs. Also SKILL.md claims auto-detection via installation path; code only checks the two fixed file locations. These are documentation/code inconsistencies but not malicious scope creep.

✓

Install Mechanism

No remote install/downloads or extracted archives are present in the spec. The skill is shipped as code files with a standard package.json (dependency on 'ws'), which is proportionate for an ioBroker client that may use websockets for subscriptions.

✓

Credentials

The skill requests no environment variables or credentials via registry metadata. In practice the code reads OPENCLAW_HOME and HOME to locate openclaw.json; it will also accept username/password in that config for basic auth to ioBroker. That matches the stated purpose. There are no unrelated credential requests or omnibus env access.

✓

Persistence & Privilege

The skill is not set always:true and uses normal autonomous invocation defaults. The code is read-only with respect to OpenClaw config (it reads openclaw.json but does not write), and it does not modify other skills or system-wide settings. No elevated persistence is requested.

Assessment

This skill appears to do what it says: it contacts an ioBroker simple-api endpoint and can read/write states and execute scripts on that ioBroker instance. Before installing, confirm: 1) The configured baseUrl points to a trusted ioBroker instance on your LAN (do not point to an Internet-exposed controller). 2) Only provide username/password if you trust the skill and the OpenClaw environment; Basic Auth credentials will be sent to the configured ioBroker URL. 3) The exec: and eval: commands send code to ioBroker for execution — those are powerful and can run arbitrary automation on your system, so limit access to trusted agents/users. 4) Be aware of small doc/code mismatches (OPENCLAW_STATE_DIR mention and 'create default config' claim) — these are likely documentation drift, not malicious behavior. If you need higher assurance, review the full skill.js (especially the truncated parts) or run it in a sandboxed environment first.

Like a lobster shell, security has layers — review code before you run it.

latestvk976a84k7zr1te0k3hjsrf9sbn83p4gv

90downloads

1stars

4versions

Updated 3w ago

v1.3.0

MIT-0

📊 ioBroker Simple-API Skill

Production-ready ioBroker client for OpenClaw automation.

Full access to ioBroker via the simple-api adapter. Read states, objects, historical data, write to states, execute JavaScript, and monitor your smart home. The skill automatically handles caching, rate limiting, and circuit breaker protection. Use this skill to integrate OpenClaw with your ioBroker installation for full smart home control.

🚀 Quick Start

Prerequisites

ioBroker with simple-api adapter installed
Adapter running on a port (default 8087)

Minimal Configuration

The skill auto-detects config on first run. Manual config in openclaw.json:

{
  "entries": {
    "iobroker-simple-api": {
      "config": {
        "url": "http://CHANGE_ME_IP",
        "port": 8087,
        "username": "",
        "password": ""
      }
    }
  }
}

Test Connection

health

Returns connection status, uptime, and state count.

⚙️ Configuration

Option	Required	Default	Description
`url`	Yes	`http://CHANGE_ME_IP`	ioBroker simple-api base URL
`port`	Yes	`8087`	ioBroker simple-api port
`username`	No	(empty)	Basic Auth username
`password`	No	(empty)	Basic Auth password

Auto-Detection

The skill automatically detects the OpenClaw config path:

From environment variables (OPENCLAW_HOME, OPENCLAW_STATE_DIR)
From its own installation path (skill → workspace → .openclaw)
Creates default config on first run if missing

Runtime Config

Change config at runtime:

config:baseUrl=http://CHANGE_ME_IP:8087
config:timeout=20000

📖 Read Operations

Get State Value

getPlainValue:javascript.0.sensor.temperature

With JSON parsing:

getPlainValue:javascript.0.data?json

Get State + Object

get:javascript.0.sensor.temperature

Get Multiple States

getBulk:javascript.0.sensor.temperature,javascript.0.sensor.humidity

List Objects/States

objects:*              # All objects
objects:javascript.0.*  # JavaScript adapter objects
states:*               # All states
states:humidity*       # States starting with humidity

Search

search:temperature
search:livingroom

Query History

query:javascript.0.sensor.temperature?dateFrom=-1h
query:system.host.*?dateFrom=-24h&aggregate=minmax

Supported time formats:

-1h, -30m, -7d (relative)
today (today at midnight)
2024-01-01 (absolute)

CSV Export

csv:javascript.0.sensor.temperature?dateFrom=-24h

📤 Write Operations

Set State

set:javascript.0.light?value=on
set:javascript.0.counter?value=42&type=number&ack=true

Toggle

toggle:javascript.0.switch

Set Multiple

setBulk:javascript.0.light1=on&javascript.0.light2=off

Create/Delete State

create:javascript.0.myNewState?common={"type":"number","name":"My State"}
delete:javascript.0.myNewState

Enable/Disable

enable:javascript.0.myNewState
disable:javascript.0.myNewState

💻 Script Execution

Execute JavaScript

exec:$('javascript.0.sensor.temp').val(true)
eval:2+2

List Scripts

scripts
jsinfo

🔌 System Commands

Command	Description
`health`	Connection status, uptime, state count
`cache`	Cache statistics (hits, misses, size)
`rate`	Rate limit status
`system`	Hosts, memory, CPU info
`runtime`	Uptime, CPU, memory, disk
`adapters`	List installed adapters
`instances`	Adapter instances with status
`status`	Full skill status

🎬 Scenes & Snapshots

Scenes

scene:mynight={"light.living":"on","light.bedroom":"off"}
scenes
activate:mynight
deletescene:mynight

Snapshots

snapshot:backup=state1,state2
snapshots
diff:snap1 vs snap2
diff:snap1 vs current

📊 Groups & Enums

groups
groups:rooms
group:enum.rooms.living

⚡ Features

Caching

30 second TTL for frequently accessed states
Automatic cache invalidation on writes

Rate Limiting

10 requests/second to prevent API flooding
Queue management for burst requests

Circuit Breaker

Auto-recovery on failures
Exponential backoff with jitter

Batch Operations

Efficient bulk get/set
Parallel execution option

Type Coercion

Convert between boolean/number/string
Automatic JSON parsing

Historical Queries

Multiple aggregation types (minmax, average, sum, count)
Configurable time ranges

📋 API Reference

Commands Summary

Command	Description
`getPlainValue:<id>`	Get state value
`get:<id>`	Get state + object
`getBulk:<ids>`	Multiple states
`objects:<pattern>`	List objects
`states:<pattern>`	List states
`search:<pattern>`	Search data
`query:<id>?dateFrom=...`	Query history
`set:<id>?value=...`	Set state
`toggle:<id>`	Toggle state
`setBulk:<id1>=<v1>&<id2>=<v2>`	Multiple writes
`create:<id>?common=...`	Create state
`delete:<id>`	Delete state
`exec:<js>`	Execute JS
`scene:name={...}`	Create scene
`snapshot:name=...`	Take snapshot
`groups`	List enums
`health`	Connection check
`cache`	Cache stats
`system`	System info
`runtime`	Runtime info