← 返回 Skills 市场
Closeli Open Device Live Query
作者
CloseliOpenTeam
· GitHub ↗
· v1.0.3
· MIT-0
192
总下载
0
收藏
0
当前安装
4
版本数
在 OpenClaw 中安装
/install api-device-live
功能描述
Closeli Device Live Query API. Used to obtain the Web live playback link for a specified device and supports real-time viewing of the device feed. Use when:...
使用说明 (SKILL.md)
Device Live Link API
POST /api/device/live is used to obtain the H5 player live link for a specified device. The API verifies device ownership and then returns a player URL that can be opened directly in a browser.
⚠️ Display Rules (MUST be strictly followed)
The script outputs structured data in JSON format, which is the expected behavior. The display rules below are formatting instructions for the agent: the agent MUST parse the JSON output from the script, convert it into a user-friendly format according to the following rules before displaying it, and MUST NOT display the raw JSON directly.
The script output includes the _device_name field (device name), which is used for display.
- When
code == 0anddatacontainslive_url, MUST use Markdown link format:
📺 Live stream of "Living Room Camera":
Key rules:
- Get the device name from
_device_nameand display it as "device name" instead of the MAC address - If
_device_nameis empty, use the MAC address with thexxxxS_prefix removed as a fallback live_urlMUST be output using Markdown link syntax[text](url), and MUST NOT be output as bare URL text- Use
▶️ Click to open live playeras the link text
- When
code != 0, reply: "API call failed, error code {code}, reason: {message}"
Prerequisites
The script depends on httpx. If it is not installed, the script will prompt python3 -m pip install httpx.
Configuration Declaration
This skill depends on the following configuration items. The agent and user MUST confirm that they are correctly configured before running.
Required Configuration
| Configuration Item | Delivery Method | Description |
|---|---|---|
| AI_GATEWAY_API_KEY | Environment variable (recommended), ~/.openclaw/.env (fallback), command line --api-key |
API key used for API authentication. The script automatically retrieves it according to this priority order |
Optional Configuration
| Configuration Item | Delivery Method | Default Value | Description |
|---|---|---|---|
| AI_GATEWAY_HOST | Environment variable, ~/.openclaw/.env |
https://ai-open.icloseli.com |
Gateway address |
| AI_GATEWAY_VERIFY_SSL | Environment variable | true | Set to false to disable TLS certificate verification (development environments only) |
| AI_GATEWAY_NO_ENV_FILE | Environment variable | false | Set to true to disable fallback reading from ~/.openclaw/.env (recommended for production environments) |
Fallback Configuration Path
By default, the script reads the ~/.openclaw/.env file as the fallback configuration source. This file is shared by all skills and uses the format KEY=VALUE (one per line). In production environments, you MUST set AI_GATEWAY_NO_ENV_FILE=true to disable this fallback and instead pass all configuration directly through environment variables.
Security Notes
- The shared credential file
~/.openclaw/.envcan be read by all skills under the same user. In production environments, you MUST pass API_KEY through environment variables and MUST NOT rely on the shared credential file - TLS certificate verification is enabled by default. You MUST NOT disable it in production environments (disabling it introduces man-in-the-middle attack risks, and attackers may intercept API_KEY and device data)
- Before use, you MUST confirm that AI_GATEWAY_HOST points to a trusted domain
- You MUST use a least-privilege API_KEY to avoid reusing high-privilege credentials. This skill only requires permission to retrieve device live links
Network Access Declaration
This skill only accesses the following endpoints (all under AI_GATEWAY_HOST):
| Endpoint | Method | Purpose |
|---|---|---|
| /api/device/list | POST | Obtain device name mapping |
| /api/device/live | POST | Obtain device live link |
The script does not access any other network resources.
Quick Start
python3 get_live_url.py --device-id "xxxxS_aabbccddeeff"
Request Format
Request Body
| Parameter Name | Type | Required | Description |
|---|---|---|---|
| device_id | string | Yes | Device ID, format: xxxxS_\x3Cmac>, cannot be empty |
Response Format
{
"code": 0,
"message": "success",
"request_id": "\x3C32-character request trace ID>",
"data": {
"live_url": "https://example.com/h5player/pro/autoPlay_credentials.html?t=k7qp2vx9nb4ml8wr3ty6sa"
},
"_device_name": "Living Room Camera"
}
data Field
| Parameter Name | Type | Description |
|---|---|---|
| live_url | string | H5 player live link, which can be opened directly in a browser or WebView |
Error Codes
| Error Code | HTTP Status Code | Description |
|---|---|---|
| 1001 | 401 | api_key not provided (missing Authorization header or incorrect format) |
| 1002 | 401 | api_key is invalid or disabled |
| 2001 | 400 | Missing required parameter (device_id is empty, or the device does not belong to the current user) |
| 3001 | 502 | Internal gateway service call failed |
| 5000 | 500 | Internal error |
Notes
device_idcannot be empty, otherwise error code 2001 is returned- If the device does not belong to the current user, an error is returned directly
- IMPORTANT:
device_idis case-sensitive. The prefix MUST be lowercasexxxxS_, NOT uppercaseXXXXS_. The script will auto-correct the case, but the agent SHOULD always pass the correct lowercase format - The returned
live_urlonly contains a 22-character short-lived token (expires in 120 seconds by default). After the H5 player loads, it automatically calls/api/player/exchangeto exchange it for the real playback credential. No sensitive information (apiKey,productKey, stream token,deviceId) is included in the URL - Global request timeout is 120 seconds
安全使用建议
This skill appears coherent for fetching device live links. Before installing: (1) ensure AI_GATEWAY_HOST points to a trusted domain and use a least-privilege API key limited to retrieving live links; (2) avoid relying on the shared ~/.openclaw/.env in production — set AI_GATEWAY_NO_ENV_FILE=true and pass the key via environment variables; (3) do not disable TLS verification in production (AI_GATEWAY_VERIFY_SSL=false); (4) be prepared to install the httpx Python package if missing; (5) note the SKILL.md requires the agent to reformat the script's JSON into a Markdown link — verify that display behavior meets your privacy/usability needs.
功能分析
Type: OpenClaw Skill
Name: api-device-live
Version: 1.0.3
The skill is a legitimate tool for retrieving live camera feed URLs from the Closeli IoT platform. The Python script (get_live_url.py) implements standard API client logic, including credential management via environment variables or a local configuration file (~/.openclaw/.env), and uses the httpx library for secure communication with the designated gateway (ai-open.icloseli.com). No evidence of malicious intent, unauthorized data exfiltration, or harmful prompt injection was found.
能力标签
能力评估
Purpose & Capability
Name/description (fetch live playback link) aligns with what the code does and the single required credential (AI_GATEWAY_API_KEY). Required binary (python3) is appropriate and no unrelated services or secrets are requested.
Instruction Scope
SKILL.md instructs the agent to parse the script's JSON output and format a Markdown link instead of showing raw JSON — this is consistent with the script printing JSON. The SKILL.md and script both declare use of ~/.openclaw/.env as a fallback; the instructions do not request other files, nor do they send data to endpoints outside the declared AI_GATEWAY_HOST. The strict 'MUST not show raw JSON' display rule is a presentation requirement; it is not harmful but is brittle and relies on the agent following formatting rules.
Install Mechanism
No install spec (instruction-only) and included script uses a standard dependency (httpx). The script prints a clear message asking to install httpx if missing. No downloads from unknown URLs or archive extraction are present.
Credentials
Only AI_GATEWAY_API_KEY is required (declared as primaryEnv). Optional env vars (AI_GATEWAY_HOST, AI_GATEWAY_VERIFY_SSL, AI_GATEWAY_NO_ENV_FILE) are documented. The one noteworthy aspect is the fallback to a shared file (~/.openclaw/.env) which can expose the API key to other skills — the SKILL.md warns about this and recommends setting AI_GATEWAY_NO_ENV_FILE=true in production and using a least-privilege key.
Persistence & Privilege
always:false and no indications the skill modifies system-wide settings or other skills. Autonomous invocation is allowed (platform default) but not combined with other red flags.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install api-device-live - 安装完成后,直接呼叫该 Skill 的名称或使用
/api-device-live触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.3
No code changes; only documentation updated.
- SKILL.md rewritten from Chinese to English for broader audience accessibility.
- Updated configuration defaults, notably changing the AI_GATEWAY_HOST default to "https://ai-open.icloseli.com".
- Clarified case-sensitivity requirements for device_id and that the script auto-corrects case.
- Added explicit note that agents should always pass device_id in lowercase with prefix xxxxS_.
- Minor clarifications on security notes and configuration instructions.
- No logic changes or file modifications; functionality remains unchanged.
v1.0.2
- Updated the skill description for greater clarity on integration, usage scenario, and security requirements.
- Added explicit security notes about obtaining and setting the AI_GATEWAY_API_KEY in the description.
- Strengthened guidance on acquiring API keys via the APP AI settings page.
- No changes to technical implementation, API, or user-facing logic.
v1.0.1
No functional changes; only documentation updates.
- Updated example H5 直播链接(live_url)格式中的路径和参数说明,强调 token 策略和安全性调整。
- 说明 live_url 现在只包含短期 token,H5 播放器加载后自动换取真实播放凭证。
- 删除了部分响应示例中的无用字段,以及调整了错误码表(移除未实际返回的 3004)。
- 细化安全注意事项,明确敏感信息不会出现在直播链接 URL。
- 强化关于 token 有效期和最佳实践的说明。
v1.0.0
Major update: This version replaces the device列表接口 skill with a live stream link retrieval skill.
- Skill now provides "Get device live stream link" functionality via POST /api/device/live.
- Swapped file: removed list_devices.py, added get_live_url.py.
- SKILL.md updated: describes how to obtain and display H5 live stream links for a specified device.
- Added new formatting rules: outputs Markdown-formatted live stream links with device names.
- Previous device list–specific interface, instructions, and details removed.
元数据
常见问题
Closeli Open Device Live Query 是什么?
Closeli Device Live Query API. Used to obtain the Web live playback link for a specified device and supports real-time viewing of the device feed. Use when:... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 192 次。
如何安装 Closeli Open Device Live Query?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install api-device-live」即可一键安装,无需额外配置。
Closeli Open Device Live Query 是免费的吗?
是的,Closeli Open Device Live Query 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Closeli Open Device Live Query 支持哪些平台?
Closeli Open Device Live Query 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Closeli Open Device Live Query?
由 CloseliOpenTeam(@closeli-open)开发并维护,当前版本 v1.0.3。
推荐 Skills