Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

ratgdo32 disco

Control a ratgdo32 disco garage door opener via its local web API. Use when the user asks to open/close the garage, check garage status, toggle the garage li...

MIT-0 · Free to use, modify, and redistribute. No attribution required.
by Michael Boland @bolander72
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The skill's stated purpose (local garage control) matches the code and instructions. However, the package metadata declares no required environment variables or binaries even though both the SKILL.md and scripts/garage.sh expect RATGDO_HOST and runtime tools (curl, python3). That mismatch is disproportionate to the stated purpose and should be corrected.
Instruction Scope
SKILL.md and the helper script stay within the expected scope: they query the device's /status.json and POST to /setgdo on the local host. There is no external network/server contact beyond the LAN device. Minor discrepancy: SKILL.md claims the script will default to a placeholder IP if RATGDO_HOST is unset, but the script actually aborts if RATGDO_HOST is not set.
Install Mechanism
This is an instruction-only skill with an included helper script and no install spec; nothing is downloaded or written to disk by an installer. Risk is low from the install mechanism itself, but runtime execution will rely on existing binaries.
Credentials
No credentials or sensitive secrets are requested, which is appropriate. However, RATGDO_HOST is required at runtime but not declared in the manifest. Additionally, the script expects curl and python3 available on PATH but these binaries are not declared as requirements. The omission of these runtime dependencies is a proportionality/manifesting issue that could be benign (documentation oversight) or sloppy engineering.
Persistence & Privilege
The skill does not request always:true, does not modify other skills or global agent config, and has no persistent/system privileges. It only performs ad hoc LAN requests when invoked.
What to consider before installing
This skill appears to implement exactly the local LAN API calls described and does not phone home, but there are a few things to check before installing/using it:

  1. The helper script requires RATGDO_HOST to be set (it will abort if unset) — the manifest should list this env var.
  2. The script calls curl and python3; make sure those binaries exist on the agent host and consider having the skill declare them.
  3. Confirm the device is only reachable on a trusted LAN (no port-forwarding) because running the skill gives the agent network access to your garage controller.
  4. If you rely on this skill, inspect the script yourself (it's short and readable) or run it locally in a controlled environment first.

If the owner updates the manifest to declare RATGDO_HOST and the required binaries, the mismatches would be resolved and confidence would rise.


Current version: v1.0.1


SKILL.md

ratgdo32 disco — Garage Door Controller

Control a ratgdo32 disco (HomeKit firmware) garage door opener via its local REST API.

Security Model

The ratgdo32 disco uses a local network trust model. The device's web API is only accessible from your LAN — it does not expose any ports to the internet and has no cloud dependency.

Your responsibilities:

  • Keep the device on a trusted, password-protected network (WPA2/WPA3)
  • Do not port-forward the device's HTTP port to the internet
  • Use your router's client isolation or VLAN features if you want extra segmentation
  • The agent should always confirm door state before acting (built into the helper script)

This is the same trust model used by most local smart home devices (Hue bridges, Shelly relays, ESPHome, etc.).

Setup

Set the RATGDO_HOST environment variable to your device's IP or mDNS hostname:

export RATGDO_HOST="192.168.1.XXX"  # or your-device.local

If unset, the helper script defaults to 192.168.1.XXX — you must update it.

Find your device IP via your router's DHCP table, or use mDNS:

dns-sd -B _hap._tcp  # Browse HomeKit devices

Device Info

Configure these for your setup:

| Field | How to Find |
|---|---|
| IP | Router DHCP table or mDNS browse |
| mDNS | Usually Garage-Door-XXXXXX.local (based on MAC) |
| MAC | Printed on the ratgdo32 board or in your router's client list |
| Protocol | Check your garage opener's learn button color (yellow = Security+ 2.0, purple = Security+ 1.0) |
| Web UI | http://<your-ip>/ |

Quick Reference

| Action | Command |
|---|---|
| Get full status | curl -s http://$RATGDO_HOST/status.json |
| Open door | curl -s -X POST -F "garageDoorState=1" http://$RATGDO_HOST/setgdo |
| Close door | curl -s -X POST -F "garageDoorState=0" http://$RATGDO_HOST/setgdo |
| Light on | curl -s -X POST -F "garageLightOn=1" http://$RATGDO_HOST/setgdo |
| Light off | curl -s -X POST -F "garageLightOn=0" http://$RATGDO_HOST/setgdo |
| Disable remotes | curl -s -X POST -F "garageLockState=1" http://$RATGDO_HOST/setgdo |
| Enable remotes | curl -s -X POST -F "garageLockState=0" http://$RATGDO_HOST/setgdo |

Status API

GET http://<host>/status.json returns JSON:

{
  "garageDoorState": "open|closed|opening|closing|stopped",
  "garageLightOn": true|false,
  "garageObstructed": true|false,
  "garageLockState": "locked|unlocked",
  "vehicleState": "present|absent|arriving|departing",
  "vehicleDistance": 42,
  "motionDetected": true|false
}

Key fields

  • garageDoorState — current door position
  • garageLightOn — ceiling light status
  • garageObstructed — safety sensor triggered (do NOT close if true)
  • garageLockState — "locked" means physical remotes are disabled
  • vehicleState — laser sensor detects parked car
  • vehicleDistance — distance to vehicle in cm (laser)
  • motionDetected — PIR motion sensor

Control API

POST http://<host>/setgdo with form data:

| Field | Values | Effect |
|---|---|---|
| garageDoorState | 1 = open, 0 = close | Opens or closes the door |
| garageLightOn | 1 = on, 0 = off | Toggles ceiling light |
| garageLockState | 1 = lock, 0 = unlock | Disables/enables physical remotes |

Safety Rules

  1. Never close the door if garageObstructed is true. Report the obstruction and stop.
  2. Always check status before opening/closing to confirm current state and avoid unnecessary operations.
  3. Confirm with the user before disabling remotes — this temporarily locks out all physical remotes (wall button, car remotes). Re-enable with garageLockState=0.

Helper Script

Use scripts/garage.sh for common operations:

# Status (human-readable)
bash scripts/garage.sh status

# Control
bash scripts/garage.sh open
bash scripts/garage.sh close
bash scripts/garage.sh light-on
bash scripts/garage.sh light-off
bash scripts/garage.sh lock-remotes
bash scripts/garage.sh unlock-remotes

The helper script includes safety checks: it verifies obstruction status before closing and confirms current state before toggling.
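The Safety Rules and the LAN-only trust model above can be expressed as one gate that decides whether a request may be sent at all. This is an added example, not the skill's scripts/garage.sh: the names `plan` and `host_is_local`, the reason strings, and the sample status bodies are assumptions, and Python is used here only because the helper already depends on python3.

```python
import ipaddress
import json
import re

# Form fields and values taken from the Control API table on this page.
ACTIONS = {
    "open": ("garageDoorState", "1"),
    "close": ("garageDoorState", "0"),
    "light-on": ("garageLightOn", "1"),
    "light-off": ("garageLightOn", "0"),
    "lock-remotes": ("garageLockState", "1"),
    "unlock-remotes": ("garageLockState", "0"),
}

def host_is_local(host):
    """True for a private/link-local IP literal or a bare mDNS name (label.local).
    The strict pattern rejects values that smuggle in a path, port or userinfo."""
    if not host:
        return False
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        return re.fullmatch(r"[A-Za-z0-9-]{1,63}\.local", host) is not None
    return ip.is_private or ip.is_link_local

def plan(action, status_json, host, confirmed=False):
    """Return ((field, value) or None, reason) for one requested action."""
    if action not in ACTIONS:
        return None, "unknown action"
    if not host_is_local(host):
        return None, "RATGDO_HOST unset or not a LAN address"
    status = json.loads(status_json)
    door = status.get("garageDoorState")
    if action == "close":
        # Rule 1, failing closed: a missing or non-boolean field counts as obstructed.
        if status.get("garageObstructed") is not False:
            return None, "obstructed"
        if door in ("closed", "closing"):
            return None, "already closed"
    if action == "open" and door in ("open", "opening"):  # Rule 2: skip no-op requests
        return None, "already open"
    if action == "lock-remotes" and not confirmed:  # Rule 3: user must confirm first
        return None, "needs user confirmation"
    return ACTIONS[action], "ok"

# Constructed sample bodies in the /status.json shape documented above.
CLEAR = '{"garageDoorState": "open", "garageObstructed": false, "garageLockState": "unlocked"}'
BLOCKED = '{"garageDoorState": "open", "garageObstructed": true, "garageLockState": "unlocked"}'

if __name__ == "__main__":
    print(plan("close", CLEAR, "192.168.1.50"), plan("close", BLOCKED, "192.168.1.50"))
```

A non-None first element is the form field and value to POST to /setgdo; anything else should be reported to the user with the reason and no request sent.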

Compatibility

  • Firmware: HomeKit firmware v3.x+ (tested on v3.4.4)
  • Protocols: Security+ 2.0 (yellow learn button), Security+ 1.0 (purple learn button)
  • Platforms: Works alongside HomeKit/Apple Home. Not compatible with Home Assistant simultaneously (HomeKit single-pair limitation). Use web API for agent control, Apple Home for Siri/manual control.
  • Vehicle sensor: Requires the optional laser parking sensor. Distance reading varies by vehicle position.

Notes

  • HomeKit pairing is separate from the web API. Both can operate simultaneously.
  • The device broadcasts mDNS as Garage-Door-XXXXXX.local where XXXXXX is derived from the MAC address.

Files

2 total