Tesla Smart Charge
Review
Audited by ClawScan on May 10, 2026.
Overview
The Tesla scheduler is mostly aligned with its stated purpose, but it under-declares Tesla account/device control and includes an unsafe shell-based charging command despite claiming it avoids shell injection risk.
Review this skill before installing. Use it only if you are comfortable granting Tesla account control for charging, fix or verify the shell=True start-charging path, and add cron jobs only deliberately with a clear way to disable them.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A user may install it without realizing it needs account-level Tesla access capable of changing vehicle charging behavior.
The registry contract does not disclose required Tesla account authority, while SKILL.md says TESLA_EMAIL and a configured Tesla API credential through the Tesla skill are required.
Required env vars: none; Env var declarations: none; Primary credential: none
Declare TESLA_EMAIL, the Tesla skill dependency, and the required Tesla credential/permission scope in metadata before users install or automate it.
A malformed TESLA_EMAIL or path value could cause unintended local shell commands to run when starting charging.
The start_charging path builds a shell command with interpolated data and executes it with shell=True, creating command-injection risk if that path is used with unsafe input.
f'TESLA_EMAIL="{self.tesla_email}" python3 {self.tesla_skill_dir}/scripts/tesla.py charge start', shell=True
Replace this with subprocess argument lists and an env dictionary, as used elsewhere in the script, and validate TESLA_EMAIL before every Tesla command.
Users may over-trust the skill’s safety posture and automate vehicle-control actions without noticing the actual implementation and metadata gaps.
These safety claims conflict with the supplied artifacts: the script includes a shell=True command path, and the registry metadata lists no env vars or credential/dependency declarations.
✅ No shell injection risk: Uses argument lists instead of shell=True; ✅ Explicit dependencies: Metadata declares required env vars and skill dependencies
Remove or correct the claims until the code and registry metadata match them.
Once configured, it may keep changing vehicle charge limits on a schedule until the cron jobs are removed or changed.
The skill recommends recurring cron jobs that continue to manage Tesla charge limits after setup.
Every 30 minutes during active hours (manage session limits): ... --schedule "*/30 8-23 * * *" ... --manage-session
Only add the cron jobs intentionally, keep the schedule file reviewed, and document how to disable or remove the jobs.
