Manage Bambu Labs 3D Printers thru your Agent
PassAudited by VirusTotal on May 13, 2026.
Overview
Type: OpenClaw Skill Name: bambu-cli Version: 1.0.0 The skill bundle is designed to operate and troubleshoot BambuLab printers using `bambu-cli`. The `SKILL.md` documentation explicitly guides the AI agent towards safe practices, such as requiring confirmation for destructive actions (e.g., `print stop`, `files delete`, `gcode send`) and instructing the agent to avoid placing sensitive access codes directly in command-line flags, instead recommending `--access-code-file` or `--access-code-stdin`. While the skill allows file transfers to/from the printer and sending arbitrary G-code, these are core functionalities for printer control and are accompanied by safety guidelines. There is no evidence of data exfiltration from the host, malicious execution, persistence mechanisms, or prompt injection attempts against the agent for harmful purposes.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If used carelessly, the agent could help run commands that interrupt prints, change printer behavior, or affect printer hardware state.
The skill documents commands that can stop prints, delete printer files, send G-code, calibrate, and reboot a physical printer. This is purpose-aligned and includes confirmation guidance, but users should review commands before execution.
Require confirmation for destructive actions (stop print, delete files, gcode send, calibrate, reboot); use `--force`/`--confirm` only when the user explicitly agrees.
Confirm the exact printer, action, file, and command before running any print-control, file-delete, G-code, calibration, temperature, motion, or reboot command.
Anyone who obtains the access code or access-code file may be able to control the printer.
The skill expects use of Bambu printer access codes, which are device-control credentials. The guidance is appropriate because it discourages putting secrets directly in command flags.
Avoid access codes in flags; use `--access-code-file` or `--access-code-stdin` only.
Store access-code files securely, avoid pasting access codes into chat or shell history, and only use profiles for printers you intend the agent to control.
The safety of actual command execution depends on the separate bambu-cli installed in the user environment.
The skill is only documentation but relies on an external `bambu-cli` tool whose source and installation path are not provided in the artifacts.
Source: unknown; Homepage: none; No install spec — this is an instruction-only skill.
Install bambu-cli only from a trusted source and verify which executable will run before using this skill to generate or execute commands.