← Back to Skills Marketplace
Xiaomi
by
yiqiezhenxi
· GitHub ↗
· v1.0.0
1385
Downloads
0
Stars
1
Active Installs
1
Versions
Install in OpenClaw
/install xiaomi
Description
[English] Control Xiaomi Home devices via local LAN using miiocli. Supports status checks, toggling power, and MIOT property manipulation for devices like smart plugs, humidifiers, and rice cookers. | [中文] 通过局域网利用 miiocli 控制米家智能设备。支持查看状态、开关控制以及对智能插座、加湿器、电饭煲等 MIOT 设备的属性调优。
Usage Guidance
This skill claims to include helper scripts (a token extractor) and example files but those files are not in the package — that's a strong inconsistency. Before installing or running anything: 1) Do not run any token-extraction commands or paste your Xiaomi account credentials unless you can inspect the actual script code locally. 2) If you want python-miio, install it yourself (follow official project instructions) rather than running the provided one-line that hardcodes a pipx venv path. 3) Avoid storing device tokens or account credentials in plaintext files inside a project/repo; use a secure secret store. 4) Ask the publisher to provide the missing scripts and a reproducible, cross-platform install recipe (and to explain how tokens are obtained and protected). If the publisher cannot produce the missing files and transparent instructions, treat the skill as untrusted.
Capability Analysis
Type: OpenClaw Skill
Name: xiaomi
Version: 1.0.0
The skill is classified as benign. All described actions, including the installation of `python-miio` via `pipx` and the instruction to run a local `token_extractor.py` script, are directly and transparently aligned with the stated purpose of controlling Xiaomi Home devices locally. There is no evidence of intentional harmful behavior, data exfiltration to external endpoints, or malicious prompt injection attempts against the agent. The use of shell commands for installation and a local script for token acquisition are necessary for the skill's functionality.
Capability Assessment
Purpose & Capability
The declared purpose (local LAN control of Xiaomi devices using miiocli) matches the required binary (miiocli) and example commands. However the SKILL.md repeatedly claims a 'bundled' token_extractor script and other support files (scripts/token_extractor.py, references/devices.md) that are not present in the skill bundle, which is inconsistent.
Instruction Scope
Instructions tell the agent to run a token-extraction script that syncs device IPs and 32‑byte tokens from Xiaomi Cloud and to store tokens locally; but that script is not included. The instructions implicitly require access to Xiaomi account credentials and direct users to store sensitive tokens in plaintext files (references/*), which expands scope beyond simple LAN control and risks leaking secrets.
Install Mechanism
There is an install step in the metadata that runs 'pipx install python-miio' and then runs pip against a hard-coded pipx venv path (/Users/$(whoami)/.local/pipx/venvs/python-miio/bin/python -m pip install ...). Installing from PyPI is expected for python-miio, but the command is macOS/Unix user-path specific, brittle, and will modify the user's pipx environment. No archive downloads from unknown hosts were used.
Credentials
The skill declares no required environment variables, yet it instructs obtaining tokens from Xiaomi Cloud and storing them in local files. That implies needing Xiaomi account credentials and secrets (tokens) but the skill does not declare or document how credentials are handled or protected. Storing tokens in repo files is a sensitive practice not justified in the description.
Persistence & Privilege
always:false and normal autonomous invocation are fine. The install step will create/modify a user-level pipx venv for python-miio (persistent in the user environment). The skill does not request system-wide changes or modify other skills, but the install is persistent in the user's home.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install xiaomi - After installation, invoke the skill by name or use
/xiaomi - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release: Control Xiaomi (Mi Home) devices on your local network using miiocli.
- Supports status checks, power toggles, and MIOT property adjustments for devices like smart plugs, humidifiers, and rice cookers.
- Includes a built-in token extraction script for easy device setup.
- Ready-to-use workflows for common device types.
- Automated dependency fix for common Python library issues.
- Full documentation in both English and Chinese.
Metadata
Frequently Asked Questions
What is Xiaomi?
[English] Control Xiaomi Home devices via local LAN using miiocli. Supports status checks, toggling power, and MIOT property manipulation for devices like smart plugs, humidifiers, and rice cookers. | [中文] 通过局域网利用 miiocli 控制米家智能设备。支持查看状态、开关控制以及对智能插座、加湿器、电饭煲等 MIOT 设备的属性调优。 It is an AI Agent Skill for Claude Code / OpenClaw, with 1385 downloads so far.
How do I install Xiaomi?
Run "/install xiaomi" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Xiaomi free?
Yes, Xiaomi is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Xiaomi support?
Xiaomi is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Xiaomi?
It is built and maintained by yiqiezhenxi (@yiqiezhenxi); the current version is v1.0.0.
More Skills