← Back to Skills Marketplace
222
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install midea-cloud-control
Description
Connect and control Midea devices through the Midea cloud with a local cached account/device config. Use when a user wants to connect a Midea account, list d...
Usage Guidance
This skill appears to do what it claims, but review and take these precautions before installing or running it: 1) Inspect the two generated files (generated-config-store.md and generated-midea-skill-cli.md) yourself — they are included in the package and will be written and executed locally. 2) Be aware the skill stores your account and password in plaintext at ~/.openclaw/midea-cloud-control/config.json; only proceed if you accept that storage risk, or modify the code to use encrypted storage or the OS credential store. 3) Ensure the runtime environment has the required Python packages (midealocal and aiohttp) and the 'uv' runner (or adjust the commands to use your Python). The skill metadata does not declare these dependencies. 4) Run the skill in an isolated environment (virtualenv, container, or throwaway account) if you want to limit blast radius. 5) After use, consider deleting the config.json file if you no longer want credentials stored. 6) If you need stronger guarantees, prefer a skill that uses OAuth or official SDK flows rather than storing passwords, or verify the midealocal package version/source before use.
Capability Analysis
Type: OpenClaw Skill
Name: midea-cloud-control
Version: 1.0.0
The skill stores Midea cloud credentials (account and password) in plain text in a local configuration file (~/.openclaw/midea-cloud-control/config.json), which is a significant security vulnerability. It also employs a 'bootstrap' pattern in SKILL.md that requires the AI agent to write and execute Python code from markdown blocks (generated-midea-skill-cli.md), a high-risk execution flow. While the code logic appears to align with the stated purpose of controlling appliances via the midealocal library, the insecure handling of sensitive user data is a critical flaw.
Capability Assessment
Purpose & Capability
Name/description match what the skill does: it logs into Midea cloud, enumerates devices, caches device metadata, and sends power toggle commands. However the package references the Python library midealocal and aiohttp (and mentions midea-local==6.6.0 in api-notes) but the skill metadata declares no dependencies or install steps — a missing dependency declaration is an operational mismatch.
Instruction Scope
SKILL.md explicitly instructs the agent to write two Python files from the included markdown blobs and execute them. That behavior is consistent with the purpose but is a capability worth noting: the skill writes code to disk and executes it locally. The runtime commands use 'uv run python ...' (a runtime helper that is not declared in required binaries), which is another operational mismatch that may cause failures if 'uv' is not available.
Install Mechanism
There is no install spec (instruction-only), which limits remote code fetch risk. All code to be executed is included in the package as markdown blobs. That reduces supply-chain risk, but the skill still requires third-party Python packages (midealocal, aiohttp) that must already be installed or be installed by other means — this is not declared.
Credentials
The only sensitive data collected are the user's Midea account and password, which the skill legitimately needs. The generated code saves account/password in plaintext under ~/.openclaw/midea-cloud-control/config.json; the SKILL.md instructs to warn the user first, which is appropriate, but plaintext storage is a privacy risk and should be handled with caution (encrypted storage or OS credential store would be safer). No unrelated credentials or env vars are requested.
Persistence & Privilege
The skill does not request always:true and does not modify other skills or system-wide agent settings. It does create local files and a per-user config file in the home directory (its own workspace and ~/.openclaw/...); this is expected for caching credentials and device metadata.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install midea-cloud-control - After installation, invoke the skill by name or use
/midea-cloud-control - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release of midea-cloud-control skill:
- Enables connection to a user’s Midea cloud account and local caching of device info.
- Supports listing all discovered Midea devices after account connection.
- Allows powering named Midea air conditioners on or off via cloud APIs.
- Prompts users before first-time credential storage, ensuring privacy.
- Includes only the verified minimum workflow; advanced features (temperature, mode, state) are not supported.
Metadata
Frequently Asked Questions
What is Midea Cloud Control?
Connect and control Midea devices through the Midea cloud with a local cached account/device config. Use when a user wants to connect a Midea account, list d... It is an AI Agent Skill for Claude Code / OpenClaw, with 222 downloads so far.
How do I install Midea Cloud Control?
Run "/install midea-cloud-control" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Midea Cloud Control free?
Yes, Midea Cloud Control is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Midea Cloud Control support?
Midea Cloud Control is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Midea Cloud Control?
It is built and maintained by Fook (@fooklook); the current version is v1.0.0.
More Skills