Back to skill
Skillv1.0.0
VirusTotal security
xiaodu-iot · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 30, 2026, 6:01 AM
- Hash
- f2697f91d47cf3d092ba8dc6189e0a480e79e0ba3aea01390389eb38f422df96
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: xiaodu-iot Version: 1.0.0 The skill bundle is a well-structured integration for controlling Xiaodu (Baidu) smart home devices and speakers via the Model Context Protocol (MCP). It provides utility scripts for device discovery (update_devices.sh), batch IoT control (batch_control.sh), and voice broadcasting (speak_message.sh), all of which use standard tools like mcporter and jq. While the skill requires shell and network access to interact with the Xiaodu ecosystem, its behavior is strictly aligned with its stated purpose, and no evidence of data exfiltration, credential theft, or malicious intent was found.
- External report
- View on VirusTotal