ClawHub

Emporia Energy

v1.0.0

Direct Emporia Vue energy queries via Emporia cloud (PyEmVue) or local ESPHome API, including guidance on choosing/configuring cloud vs local modes and running list/summary/circuit commands.

1· 1.9k·0 current·0 all-time
by@urosorozel
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The skill clearly implements Emporia cloud (PyEmVue) and local ESPHome access and requires the corresponding credentials (EMPORIA_EMAIL/PASSWORD or ESPHOME_HOST/API_KEY). However, registry metadata at the top of the submission lists no required env vars or binaries while the SKILL.md and scripts clearly require EMPORIA_MODE and use python3 and several credential environment variables — this metadata mismatch should be corrected.
Instruction Scope
SKILL.md instructs the agent to run the included Python scripts and to set the expected env vars. The scripts only read the declared environment variables, contact either the Emporia cloud (via pyemvue) or a local ESPHome API, and produce JSON output. There are no instructions to read unrelated system files or send data to unexpected endpoints.
Install Mechanism
There is no remote install step in the skill bundle (instruction-only install), and dependencies are provided as simple pip requirements files (pyemvue, aioesphomeapi). This is a low-risk, typical approach. As always, installing pip packages carries normal supply-chain risk — review/verify packages if needed.
Credentials
The credentials the skill requires (Emporia account email/password for cloud mode or ESPHome host/API key/password for local mode) are appropriate for its functionality. The minor concern is that the registry metadata declared no required env vars while SKILL.md and the scripts clearly expect EMPORIA_MODE and the credentials — the mismatch could confuse users and automation that grants envs. The number and sensitivity of env vars is proportional to the task, but they are sensitive and should be supplied only when using the skill.
Persistence & Privilege
The skill does not request persistent or elevated platform privileges (always:false). It doesn't modify other skills or system-wide config. Autonomous invocation is allowed (default) which is normal — note that an autonomously-invokable skill that has network access will use provided credentials when run.
Assessment
This skill appears to do what it says: query Emporia cloud via pyemvue or a locally flashed ESPHome device using aioesphomeapi. Before installing: (1) be aware you must provide sensitive credentials (EMPORIA_EMAIL/EMPORIA_PASSWORD for cloud or ESPHOME_HOST plus ESPHOME_API_KEY/ESPHOME_PASSWORD for local); supply them only if you trust the skill and understand where they will be stored and used. (2) The registry metadata omitted required env/binary declarations — verify you set EMPORIA_MODE and the correct env vars when enabling the skill. (3) Install dependencies inside an isolated virtualenv and review pyemvue/aioesphomeapi package versions if you have supply-chain concerns. (4) Because the skill's source/homepage is unknown, prefer to run it locally first (manual invocation) to confirm behavior before enabling autonomous invocation.

Like a lobster shell, security has layers — review code before you run it.

latestvk979pbnzrgwphbhm1gwssmdne9805rg6

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments