← Back to Skills Marketplace
Ezviz Open Camera Video
by
EzvizOpenTeam
· GitHub ↗
· v1.0.1
· MIT-0
171
Downloads
0
Stars
0
Active Installs
2
Versions
Install in OpenClaw
/install ezviz-open-camera-video
Description
Ezviz camera video streaming skill. Generates PC and mobile links for live and playback streams. Use when: Need to view camera live feed, playback recordings...
README (SKILL.md)
Ezviz Open Video (萤石设备视频流)
Generate Ezviz camera live and playback streaming links for PC and mobile devices.
⚠️ Security Warning (Read Before Installation)
Complete the following security checks before using this skill:
| # | Check | Status | Description |
|---|---|---|---|
| 1 | Credential Permissions | ⚠️ Required | Use minimal permission AppKey/AppSecret, do not use master account credentials |
| 2 | Config File Reading | ⚠️ Note | Skill reads ~/.openclaw/*.json files (but environment variables have higher priority) |
| 3 | Token Caching | ⚠️ Note | Token cached in /tmp/ezviz_global_token_cache/ (permissions 600, shared across skills) |
| 4 | API Domain | ✅ Verified | openai.ys7.com is official Ezviz API endpoint |
| 5 | Code Review | ✅ Recommended | Review scripts/generate_preview.py and lib/token_manager.py |
| 6 | Python Dependencies | ⚠️ Required | Requires requests library - install via pip install requests |
🔒 Config File Reading Details
Credential Priority (high to low):
┌─────────────────────────────────────────────────────────────┐
│ 1. Environment Variables (Highest Priority - Recommended) │
│ ├─ EZVIZ_APP_KEY │
│ ├─ EZVIZ_APP_SECRET │
│ └─ EZVIZ_DEVICE_SERIAL │
│ ✅ Advantage: No config file reading, fully isolated │
├─────────────────────────────────────────────────────────────┤
│ 2. OpenClaw Config Files (Only when env vars not set) │
│ ├─ ~/.openclaw/config.json │
│ ├─ ~/.openclaw/gateway/config.json │
│ └─ ~/.openclaw/channels.json │
│ ⚠️ Note: Only reads channels.ezviz field │
├─────────────────────────────────────────────────────────────┤
│ 3. Command Line Arguments (Lowest Priority) │
│ python3 generate_preview.py appKey appSecret deviceSerial│
└─────────────────────────────────────────────────────────────┘
Security Recommendations:
- ✅ Best Practice: Use environment variables, completely avoid config file reading
- ✅ Isolated Config: Store Ezviz credentials in dedicated config file, don't mix with other services
- ⚠️ Risk Mitigation: Set environment variables to override config files (will be ignored even if config exists)
Quick Secure Configuration
# 1. Use environment variables (highest priority, avoids accidental config file use)
export EZVIZ_APP_KEY="your_dedicated_app_key"
export EZVIZ_APP_SECRET="your_dedicated_app_secret"
export EZVIZ_DEVICE_SERIAL="BF6985110"
# 2. High security: Disable token caching
export EZVIZ_TOKEN_CACHE=0
# 3. Test credentials (recommended to use test account first)
# Login to https://openai.ys7.com/ to create dedicated app with only preview permissions
Quick Start
Install Dependencies
pip install requests
Set Environment Variables
export EZVIZ_APP_KEY="your_app_key"
export EZVIZ_APP_SECRET="your_app_secret"
export EZVIZ_DEVICE_SERIAL="BF6985110"
Optional environment variables:
export EZVIZ_CHANNEL_NO="1" # Channel number, default 1
export EZVIZ_TOKEN_CACHE="1" # Token cache: 1=enabled (default), 0=disabled
Run
python3 {baseDir}/scripts/generate_preview.py
Command line arguments:
# Single device
python3 {baseDir}/scripts/generate_preview.py appKey appSecret BF6985110 1
# Specify channel number
python3 {baseDir}/scripts/generate_preview.py appKey appSecret BF6985110 1
Channels Configuration (Recommended)
Skill supports automatically reading Ezviz credentials from OpenClaw channels configuration.
Configuration
Add to ~/.openclaw/config.json or ~/.openclaw/channels.json:
{
"channels": {
"ezviz": {
"appId": "your_app_id",
"appSecret": "your_app_secret",
"domain": "https://openai.ys7.com",
"enabled": true
}
}
}
Priority
Credential priority:
- Environment Variables (Highest)
- Channels Config (Medium)
- Command Line Arguments (Lowest)
Workflow
1. Get Token (appKey + appSecret → accessToken)
↓
2. Generate Links (accessToken + deviceSerial → preview/playback URLs)
↓
3. Output Results (PC + Mobile links for live and playback)
Token Auto-Get Explanation
You don't need to manually get or configure EZVIZ_ACCESS_TOKEN!
Skill automatically handles token acquisition and caching:
First Run:
appKey + appSecret → Call Ezviz API → Get accessToken (7 days validity)
↓
Save to cache file (system temp directory)
↓
Subsequent Runs:
Check if cached token is expired
├─ Not expired → Use cached token directly ✅
└─ Expired → Get new token
Token Management Features:
- ✅ Auto Get: Automatically call Ezviz API on first run
- ✅ 7 Days Validity: Token valid for 7 days
- ✅ Smart Caching: Don't re-get within validity period
- ✅ Safety Buffer: Auto-refresh 5 minutes before expiry
- ✅ No Config Needed: No need to manually set
EZVIZ_ACCESS_TOKEN - ✅ Secure Storage: Cache file permissions 600
Output Example
======================================================================
Ezviz Open Video Skill (萤石设备视频流)
======================================================================
[Time] 2026-03-19 19:23:00
[INFO] Device: BF6985110 (Channel: 1)
======================================================================
SECURITY VALIDATION
======================================================================
[OK] Device serial format validated
[OK] Using credentials from environment variables
======================================================================
[Step 1] Getting access token...
======================================================================
[INFO] Using cached global token, expires: 2026-03-26 19:21:16
[SUCCESS] Using cached token, expires: 2026-03-26 19:21:16
======================================================================
[Step 2] Generating links...
======================================================================
📺 Live Links:
🖥️ PC:
https://open.ys7.com/console/jssdk/pc.html?url=ezopen://open.ys7.com/BF6985110/1.live&accessToken=at.xxx
📱 Mobile:
https://open.ys7.com/console/jssdk/mobile.html?url=ezopen://open.ys7.com/BF6985110/1.live&accessToken=at.xxx
📼 Playback Links:
🖥️ PC:
https://open.ys7.com/console/jssdk/pc.html?url=ezopen://open.ys7.com/BF6985110/1.rec&accessToken=at.xxx
📱 Mobile:
https://open.ys7.com/console/jssdk/mobile.html?url=ezopen://open.ys7.com/BF6985110/1.rec&accessToken=at.xxx
======================================================================
Link Format
| Type | Platform | Format |
|---|---|---|
| Live | PC | https://open.ys7.com/console/jssdk/pc.html?url=ezopen://{serial}/{channel}.live&accessToken={token} |
| Live | Mobile | https://open.ys7.com/console/jssdk/mobile.html?url=ezopen://{serial}/{channel}.live&accessToken={token} |
| Playback | PC | https://open.ys7.com/console/jssdk/pc.html?url=ezopen://{serial}/{channel}.rec&accessToken={token} |
| Playback | Mobile | https://open.ys7.com/console/jssdk/mobile.html?url=ezopen://{serial}/{channel}.rec&accessToken={token} |
Link Explanation:
.live— Live streaming.rec— Recording playback
API Interface
| Interface | URL | Documentation |
|---|---|---|
| Get Token | POST /api/lapp/token/get |
https://openai.ys7.com/help/81 |
Network Endpoints
| Domain | Purpose |
|---|---|
openai.ys7.com |
Ezviz Open Platform API (Token) |
open.ys7.com |
Preview page hosting |
Notes
⚠️ Token Validity: accessToken typically valid for 7 days, skill auto-manages caching and refresh
⚠️ Privacy Compliance: Camera monitoring may involve privacy issues, ensure compliance with local laws
⚠️ Device Requirements: Device must be online to generate valid links
Data Flow Explanation
This skill sends data to third-party services:
| Data Type | Sent To | Purpose | Required |
|---|---|---|---|
| appKey/appSecret | openai.ys7.com (Ezviz) |
Get access token | ✅ Required |
| EZVIZ_ACCESS_TOKEN | Auto-generated | Auto-get on each run | ✅ Auto |
Data Flow:
- ✅ Ezviz Platform (
openai.ys7.com): Token request - Official Ezviz API - ❌ No Other Third Parties: No data sent to other services
- ❌ Preview Links: Only generates URLs, no video stream data transmitted
Credential Permission Recommendations:
- Use minimal permission appKey/appSecret
- Enable only necessary API permissions
- Rotate credentials regularly
- Do not use master account credentials
Local Processing:
- ✅ Token cached to system temp directory, permissions 600
- ✅ Token valid for 7 days, auto-refresh 5 minutes before expiry
- ✅ Can disable cache: Set
EZVIZ_TOKEN_CACHE=0environment variable
Usage Examples
Scenario 1: Single Device Preview
python3 generate_preview.py your_key your_secret BF6985110
Scenario 2: Specify Channel
python3 generate_preview.py your_key your_secret BF6985110 1
Scenario 3: Environment Variables
export EZVIZ_APP_KEY="your_key"
export EZVIZ_APP_SECRET="your_secret"
export EZVIZ_DEVICE_SERIAL="BF6985110"
python3 generate_preview.py
🔐 Token Management & Security
Token Caching Behavior
Default Behavior:
- ✅ Token cached to system temp directory (
/tmp/ezviz_global_token_cache/) - ✅ Cache valid for 7 days
- ✅ Auto-refresh 5 minutes before expiry
- ✅ Cache file permissions 600
- ⚠️ Note: Cache is shared across all skills using this token manager
Security Considerations
| Concern | Mitigation |
|---|---|
| Global cache shared across skills | Run in isolated environment (container/VM), or disable caching |
| Temp directory accessible by other users | Use dedicated user account, or set custom cache path |
| Token persistence | Disable caching: EZVIZ_TOKEN_CACHE=0 |
Disable Token Caching (High Security)
export EZVIZ_TOKEN_CACHE=0
python3 scripts/generate_preview.py ...
Cache File Location
| System | Path |
|---|---|
| macOS/Linux | /tmp/ezviz_global_token_cache/ |
| Windows | C:\Users\{user}\AppData\Local\Temp\ezviz_global_token_cache\ |
Clear Cache:
rm -rf /tmp/ezviz_global_token_cache/
🔒 Security Recommendations
1. Use Minimal Permission Credentials
- Create dedicated appKey/appSecret
- Do not use master account credentials
- Rotate credentials regularly (recommended every 90 days)
2. Environment Variable Security
# Use .env file
echo "EZVIZ_APP_KEY=your_key" >> .env
echo "EZVIZ_APP_SECRET=your_secret" >> .env
chmod 600 .env
source .env
3. Disable Caching (High Security Scenarios)
export EZVIZ_TOKEN_CACHE=0
4. Isolated Environment (Recommended)
- Run in container/VM for stricter isolation
- Use dedicated user account with restricted temp directory access
- Review
lib/token_manager.pyto understand cache behavior
5. Config File Security
- Ensure
~/.openclaw/*.jsonfiles don't contain unrelated secrets - Prefer environment variables to avoid config file reading entirely
Security Audit Checklist
Before Installation
- Review Code — Read
scripts/generate_preview.pyandlib/token_manager.py - Verify API Domain — Confirm
openai.ys7.comis official Ezviz endpoint - Prepare Test Credentials — Create dedicated Ezviz application
- Install Dependencies — Run
pip install requests
During Installation
- Use Environment Variables — Prefer environment variables over config files
- Minimal Permission Credentials — Do not use master account credentials
- Isolated Environment — Consider container/VM for stricter isolation
After Installation
- Verify Cache Permissions — Confirm cache file permissions are 600
- Test Functionality — Verify links open correctly
- Review Config Files — Ensure
~/.openclaw/*.jsondon't contain unrelated secrets
File Structure
ezviz-open-video/
├── SKILL.md # Skill documentation
├── lib/
│ ├── token_manager.py # Token manager (shared)
│ └── README_TOKEN_MANAGER.md # Token management docs
├── references/
│ └── ezviz-agent-api.md # API reference
└── scripts/
└── generate_preview.py # Main script
Related Skills
- ezviz-open-picture: Device snapshot/capture skill
- ezviz-open-ptz-control: PTZ control skill
Official Resources
- Ezviz Open Platform: https://open.ys7.com/
- API Documentation: https://openai.ys7.com/doc/
Last Updated: 2026-03-19
Version: 1.1.0
Usage Guidance
This skill is internally coherent for generating Ezviz preview/playback links, but review and consider the following before installing:
- Use a dedicated, least-privileged Ezviz AppKey/AppSecret (do not use master account credentials).
- Prefer environment variables (EZVIZ_APP_KEY and EZVIZ_APP_SECRET) to avoid the skill reading ~/.openclaw/*.json. If those files contain other service credentials, relocate or strip them first.
- The skill caches access tokens in /tmp/ezviz_global_token_cache/global_token_cache.json (file mode 0600). If you are uncomfortable with a shared local cache, set EZVIZ_TOKEN_CACHE=0 or run the skill in an isolated environment/container and clear the cache after use.
- Inspect the bundled scripts (scripts/generate_preview.py and lib/token_manager.py) yourself if you are unsure; they appear to call only the documented Ezviz API domain (openai.ys7.com) and perform local file I/O for caching and config lookup.
- If you need higher assurance, run the skill on an isolated machine or container, and rotate/revoke AppKey/AppSecret after testing.
If you want, I can list the exact lines where config files are read and where the cache is written so you can review them quickly.
Capability Analysis
Type: OpenClaw Skill
Name: ezviz-open-camera-video
Version: 1.0.1
The skill is designed to generate Ezviz camera streaming links by interacting with the official Ezviz Open API (openai.ys7.com). It includes a robust token management system in 'lib/token_manager.py' that caches credentials in the system's temporary directory with restricted permissions (0600) to minimize exposure. While 'scripts/generate_preview.py' can read from configuration files in '~/.openclaw/', this behavior is explicitly documented as a fallback mechanism, and the code lacks any indicators of malicious intent, data exfiltration, or unauthorized execution.
Capability Assessment
Purpose & Capability
Name/description align with requested credentials (EZVIZ_APP_KEY, EZVIZ_APP_SECRET) and the included code implements token retrieval and URL generation for Ezviz API endpoints.
Instruction Scope
SKILL.md and the code explicitly read ~/.openclaw/{config.json,gateway/config.json,channels.json} as a fallback; this can expose any secrets stored in those files. The skill also documents and uses optional env vars (EZVIZ_DEVICE_SERIAL, EZVIZ_CHANNEL_NO, EZVIZ_TOKEN_CACHE) beyond the two declared required vars — the behavior is documented but expands scope to local file reads.
Install Mechanism
No install script or remote download is used (instruction-only skill with bundled Python files). This is lower risk than fetching and executing remote archives.
Credentials
Required env vars (app key/secret) are proportional to the purpose. Additional optional env vars are used but are documented. The skill does not request unrelated cloud credentials.
Persistence & Privilege
The token_manager writes a global cache file under the system temp directory (/tmp/ezviz_global_token_cache/global_token_cache.json) and sets 0600 permissions. While restricted to the same OS user, the cache is shared across skills and persists tokens for up to their expiry—this increases the local blast radius and may retain access tokens longer than desired.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install ezviz-open-camera-video - After installation, invoke the skill by name or use
/ezviz-open-camera-video - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.1
- Added explicit dependency on the Python requests library; installation via pip is now required.
- Clarified that token cache is shared across skills unless isolated; security note on global cache directory.
- Improved security warnings regarding config file reading and shared token cache.
- Updated documentation to specify dependency installation and adjusted security/config instructions accordingly.
- No functional code changes; documentation and metadata improvements only.
v1.0.0
Ezviz Open Video skill initial release.
- Generate secure live and playback streaming links for Ezviz cameras on PC and mobile.
- Supports environment variable configuration for credentials (recommended for security).
- Optionally reads from OpenClaw config files if environment variables not set.
- Automatic access token management and caching with permissions and security warnings.
- Outputs ready-to-use Ezviz stream preview links for remote monitoring.
Metadata
Frequently Asked Questions
What is Ezviz Open Camera Video?
Ezviz camera video streaming skill. Generates PC and mobile links for live and playback streams. Use when: Need to view camera live feed, playback recordings... It is an AI Agent Skill for Claude Code / OpenClaw, with 171 downloads so far.
How do I install Ezviz Open Camera Video?
Run "/install ezviz-open-camera-video" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Ezviz Open Camera Video free?
Yes, Ezviz Open Camera Video is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Ezviz Open Camera Video support?
Ezviz Open Camera Video is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Ezviz Open Camera Video?
It is built and maintained by EzvizOpenTeam (@ezviz-open); the current version is v1.0.1.
More Skills