Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
led controler
v1.0.1Control Raspberry Pi GPIO pins remotely by setting specified pins HIGH or LOW through RPC calls.
⭐ 0· 76·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The skill claims to control Raspberry Pi GPIO remotely and the included script sends HTTP RPC requests to a Pi — that is coherent. However the SKILL.md says the endpoint is http://pi.local:9000/run while the script uses a hard-coded IP (192.168.0.14), which is an unexplained discrepancy. The script also does not expose or require any of the usual configuration (no env var to set the Pi address) which reduces flexibility and suggests sloppy implementation.
Instruction Scope
The SKILL.md restricts actions to predefined GPIO operations, but the script accepts any ACTION string passed by the caller and forwards it verbatim to the Pi. There is no local validation of allowed actions or pin ranges. The script transmits control commands over HTTP with no authentication or encryption; SKILL.md does not mention authentication. The instructions and code therefore permit the agent to send arbitrary JSON RPC payloads to a network endpoint, which may be broader than the documented safe scope.
Install Mechanism
There is no install spec (instruction-only style) which is low-risk in general. However a scripts/main.sh file is included and would be present on disk when the skill is installed. The script uses curl (assumed present) and writes nothing else. No external downloads or installers are present — that is reasonable but the presence of an executable script increases runtime risk if invoked without review.
Credentials
The skill requests no environment variables or credentials, yet it performs network control of hardware over HTTP without authentication. The lack of required credentials is not necessarily good here — it implies unauthenticated access to the Pi endpoint. Also the Pi address is hard-coded in the script rather than configurable, which is poor practice and may cause accidental control of an unintended host on the local network.
Persistence & Privilege
The skill does not request always:true, does not require special system paths or modify other skills, and uses normal autonomous invocation defaults. There is no evidence it attempts to gain persistent elevated privileges or modify other agent configurations.
What to consider before installing
This skill appears to do what it says (send RPC commands to a Raspberry Pi) but has several issues you should address before installing or using it:
- Verify the target host: SKILL.md references http://pi.local:9000/run but the script hard-codes 192.168.0.14. Confirm which address is correct and avoid accidental control of the wrong device.
- Authentication & encryption: The script sends commands over plain HTTP with no auth. Ensure the Pi's RPC server requires authentication (token/HTTPS) or run this only on a tightly controlled private network.
- Input validation: The script forwards ACTION and PIN without checking allowed values. Prefer a whitelist (only gpio_on/gpio_off and valid pin ranges) to prevent unexpected commands.
- Make the Pi address configurable: Replace the hard-coded PI_IP with a configurable env var or skill setting so the agent cannot accidentally reach other hosts.
- Review the remote RPC server: Inspect the Pi-side implementation to confirm it actually limits actions to safe GPIO operations and does not execute arbitrary shell commands.
If you cannot confirm the above, treat the skill as risky — especially on networks with multiple devices or where an unauthenticated RPC could be abused. If you want, I can suggest a revised script and a safer SKILL.md that add validation, configuration, and optional authentication.Like a lobster shell, security has layers — review code before you run it.
latestvk97073fwhdjr0km758njfsb0ph83zfde
License
MIT-0
Free to use, modify, and redistribute. No attribution required.