← Back to Skills Marketplace
Tapo
by
mihai-dinculescu
· GitHub ↗
· v0.3.0
· MIT-0
413
Downloads
1
Stars
3
Active Installs
5
Versions
Install in OpenClaw
/install tapo
Description
Control TP-Link Tapo smart home devices (lights, plugs, strips, cameras) via [Tapo MCP](https://github.com/mihai-dinculescu/tapo/tree/main/tapo-mcp).
Usage Guidance
This skill is coherent: it only documents using npx mcporter to talk to a Tapo MCP server you must run. Before installing/use: (1) ensure you trust and correctly deploy the Tapo MCP server (image/source: ghcr.io/mihai-dinculescu/tapo-mcp is referenced); (2) protect any Bearer token or TAPO_MCP_* secrets — mcporter config may write them to ~/.mcporter/mcporter.json, so restrict file permissions (chmod 600) and avoid exposing the MCP server to the public internet; (3) take_snapshot requires camera account credentials on the MCP server — keep those secrets confined to the server environment; (4) npx will execute packages on your machine when you run commands, so ensure your runtime environment is secure. If you plan to expose the MCP server beyond your LAN, review authentication (TAPO_MCP_API_KEY) and network firewalling first.
Capability Analysis
Type: OpenClaw Skill
Name: tapo
Version: 0.3.0
The skill provides a legitimate interface for controlling TP-Link Tapo smart home devices via the Model Context Protocol (MCP). It uses the `mcporter` utility to communicate with a user-hosted Tapo MCP server, with clear documentation in `SKILL.md` and `references/setup.md` regarding configuration and security practices (e.g., using Bearer tokens and setting file permissions). No indicators of data exfiltration, malicious execution, or harmful prompt injection were found.
Capability Tags
Capability Assessment
Purpose & Capability
Name/description (control Tapo devices via Tapo MCP) matches the instructions: all runtime commands are npx mcporter calls to a user-run Tapo MCP server. The only required binary is npx, which is appropriate for invoking mcporter.
Instruction Scope
SKILL.md and references only instruct the agent to configure mcporter and call listed tools (list_devices, check_device, get_device_state, control_device, take_snapshot). They do not ask the agent to read unrelated system files or exfiltrate data. Minor scope note: the recommended mcporter config command writes credentials/headers to ~/.mcporter/mcporter.json (system-wide by default); the docs explicitly advise restricting file permissions, and users should be aware this stores the Bearer token locally.
Install Mechanism
Instruction-only (no install spec, no files executed). This is low-risk: it relies on npx being available to invoke mcporter and the user-run Tapo MCP server. There is no download/install step embedded in the skill itself.
Credentials
The skill declares no required environment variables. Device/server credentials (TAPO_MCP_* env vars, camera username/password, or an API key) are configuration for the external Tapo MCP server, not requested by the skill — which is proportionate. The take_snapshot tool does require camera credentials to be configured on the server (documented).
Persistence & Privilege
The skill is not always-on and does not request elevated platform privileges or modify other skills. It uses normal agent-invokable behavior (autonomous invocation not disabled), which is the platform default and expected for callable skills.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install tapo - After installation, invoke the skill by name or use
/tapo - Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.3.0
Add take_snapshot tool for Tapo cameras, switch invocation to npx mcporter, and pin the skill to Tapo MCP server v0.3.0+.
v0.2.0
Added get_device_state tool, Brightness and Color set capabilities. Renamed set_device_state to control_device with multi-capability support. Added Recreate strategy to Kubernetes example.
v1.0.2
Add Tapo MCP server setup reference (Docker, Kubernetes, configuration, authentication)
v1.0.1
Fix setup docs: remove redundant mcporter install step, add Tapo MCP link, add chmod 600 security recommendation
v1.0.0
Initial release of Tapo skill.
- Control TP-Link Tapo smart devices (lights, plugs, power strips) via a Tapo MCP server.
- Provides commands to list devices, verify device identity, and set a device's power state.
- Includes setup instructions for connecting mcporter to a Tapo MCP server.
- Supports bearer token authentication for secure access.
- Designed to ensure correct usage with rules for device listing and control.
Metadata
Frequently Asked Questions
What is Tapo?
Control TP-Link Tapo smart home devices (lights, plugs, strips, cameras) via [Tapo MCP](https://github.com/mihai-dinculescu/tapo/tree/main/tapo-mcp). It is an AI Agent Skill for Claude Code / OpenClaw, with 413 downloads so far.
How do I install Tapo?
Run "/install tapo" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Tapo free?
Yes, Tapo is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Tapo support?
Tapo is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Tapo?
It is built and maintained by mihai-dinculescu (@mihai-dinculescu); the current version is v0.3.0.
More Skills