ClawHub

Ring Doorbell & Camera

v1.0.1

Control and monitor Ring doorbells and cameras. List devices, capture snapshots, view events. Use when user asks about their Ring cameras, doorbell activity,...

0· 110·0 current·0 all-time
byLeo Li@zlmoment
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description request Ring device access and the skill requires python3, the ring-doorbell Python library, and ffmpeg — all expected for listing devices, snapshots, and extracting frames from recordings. Required binaries and library are proportional to the stated purpose.
Instruction Scope
SKILL.md and ring_tool.py restrict actions to: prompting for Ring credentials/2FA, saving a token to ~/.openclaw/ring_token.json, listing devices, fetching snapshots, and reading event history. The instructions do not access unrelated system paths or external endpoints beyond the Ring APIs/CDN used by the ring-doorbell library.
Install Mechanism
No automated install script is included (instruction-only). It instructs the user to pip install the public ring-doorbell package and to have ffmpeg available — a standard, low-risk approach. No downloads from untrusted URLs or archive extraction occur in the skill itself.
Credentials
The skill requests no environment variables and instead prompts interactively for the Ring email/password and 2FA code, then stores an auth token locally at ~/.openclaw/ring_token.json. That behavior is expected and proportionate for a client that needs user credentials; no unrelated secrets or services are requested.
Persistence & Privilege
always is false and the skill does not request elevated system privileges. It persists only its own token and media under ~/.openclaw and does not modify other skills or system-wide configurations. Autonomous invocation is allowed (platform default) but not combined with other red flags here.
Assessment
This skill appears to do what it says: it will ask you for your Ring email, password, and 2FA code and save a refreshable token to ~/.openclaw/ring_token.json and images to ~/.openclaw/media/ring/. Before installing: 1) verify you trust the skill/source (owner/homepage are not provided here); 2) install the ring-doorbell package from a trusted PyPI source and ensure ffmpeg is from your package manager; 3) understand that providing credentials grants the skill access to your Ring account via the saved token — revoke/delete ~/.openclaw/ring_token.json if you want to remove that access; 4) review the included ring_tool.py code (visible) if you have further concerns. If you do not trust the unknown publisher, avoid entering credentials or run the tool in an isolated environment.

Like a lobster shell, security has layers — review code before you run it.

cameravk9742e7c0y3tb6e1bh6nzqyf4h834dpnhomevk9742e7c0y3tb6e1bh6nzqyf4h834dpnlatestvk9776fyf8y9p399v7wf648rzsd835mprsecurityvk9742e7c0y3tb6e1bh6nzqyf4h834dpn

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

Binspython3, ffmpeg

Comments