SwitchBot OpenAPI
Suspicious
Audited by ClawScan on May 13, 2026.
Overview
This looks like a legitimate SwitchBot controller, but it can issue high-impact smart-home commands such as unlocking doors, creating keypad codes, and executing scenes, so it deserves careful review.
Install only if you want the agent to control your SwitchBot account. Before use, make sure API credentials are stored securely, review which locks, doors, keypads, appliances, and scenes are reachable, and require explicit confirmation for any command that could affect safety or physical access.
Publisher note
Support custom text settings on the Weather Station AI analysis page
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A mistaken or over-broad invocation could affect physical devices or access controls, such as unlocking a door, opening a garage, changing security settings, or creating/deleting keypad passcodes.
The CLI forwards agent/user-supplied command and parameter values to the SwitchBot command API. The surrounding docs include high-impact uses such as unlock and createKey, while the runnable code does not enforce a confirmation or allowlist.
const body = { commandType, command, parameter }; ... request('POST', `/v1.1/devices/${deviceId}/commands`, body)
Require explicit user confirmation for locks, garage doors, keypad codes, scenes, and other safety-sensitive actions; prefer allowlisted device IDs and commands where possible.
Anyone or any agent process with access to these environment variables may be able to control the connected SwitchBot devices allowed by the token.
The skill uses SwitchBot account API credentials to sign and authorize requests. This is expected for the official API, but the credentials likely grant broad account/device authority.
const token = process.env.SWITCHBOT_TOKEN; const secret = process.env.SWITCHBOT_SECRET; ... 'Authorization': token, ... 'sign': sign
Store the token and secret securely, avoid logging them, revoke/rotate them if exposed, and use the narrowest SwitchBot account or token scope available.
Running the wrong scene could change multiple devices in the home at once.
The skill can execute SwitchBot scenes, which may trigger multiple devices or automations at once. This is disclosed and purpose-aligned, but it can amplify the impact of a wrong scene ID or misunderstood request.
scene <sceneId> Execute a scene ... request('POST', `/v1.1/scenes/${a1}/execute`)
Review scene contents in the SwitchBot app and require explicit confirmation before executing scenes that affect locks, doors, appliances, or other safety-sensitive devices.
