Gaggiuino Local
ReviewAudited by ClawScan on May 2, 2026.
Overview
The skill is coherent for local Gaggiuino machine analysis/control, but it can change a real espresso machine's profile/settings and stores a preferred machine URL for future use.
Install only if you intend to let the agent interact with a trusted Gaggiuino machine on your LAN. Before changing profiles or settings, review the requested target and settings payload, and periodically verify or clear the saved base URL if your machine IP changes.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A mistaken or overly broad request could change how the espresso machine behaves for future shots.
The skill intentionally exposes commands that can change the active profile and settings on a real Gaggiuino machine. This is disclosed and purpose-aligned, but it is still device-mutation authority.
switch to a named profile ... → `scripts/gaggiuino.sh profiles` → resolve id → `scripts/gaggiuino.sh select-profile <id>`; settings read/change ... → `scripts/gaggiuino.sh get-settings <category>` first, then `scripts/gaggiuino.sh update-settings <category> <json>`
Use profile and settings changes only when you explicitly want them; review the target profile ID and settings JSON before applying changes.
Future status, shot, profile, or settings requests could go to the wrong endpoint and return misleading data or apply changes to an unintended local device.
The wrapper stores a preferred base URL in persistent workspace memory and uses it on later runs, so a stale or wrong value can redirect future machine queries.
STATE_FILE="${HOME}/.openclaw/workspace/memory/gaggiuino-base-url.json" ... 'preferredBaseUrl': urlKeep the saved URL limited to a trusted LAN Gaggiuino endpoint; use get-base-url or clear-base-url if behavior looks wrong.
It is harder to independently verify provenance or updates before allowing a skill that controls a local device.
The registry metadata does not provide an upstream source or homepage, so users cannot easily compare the bundled scripts against an authoritative project location.
Source: unknown; Homepage: none
Inspect the bundled scripts before installation and prefer installing from a publisher/source you trust.