← 返回 Skills 市场
222
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install midea-cloud-control
功能描述
Connect and control Midea devices through the Midea cloud with a local cached account/device config. Use when a user wants to connect a Midea account, list d...
安全使用建议
This skill appears to do what it claims, but review and take these precautions before installing or running it: 1) Inspect the two generated files (generated-config-store.md and generated-midea-skill-cli.md) yourself — they are included in the package and will be written and executed locally. 2) Be aware the skill stores your account and password in plaintext at ~/.openclaw/midea-cloud-control/config.json; only proceed if you accept that storage risk, or modify the code to use encrypted storage or the OS credential store. 3) Ensure the runtime environment has the required Python packages (midealocal and aiohttp) and the 'uv' runner (or adjust the commands to use your Python). The skill metadata does not declare these dependencies. 4) Run the skill in an isolated environment (virtualenv, container, or throwaway account) if you want to limit blast radius. 5) After use, consider deleting the config.json file if you no longer want credentials stored. 6) If you need stronger guarantees, prefer a skill that uses OAuth or official SDK flows rather than storing passwords, or verify the midealocal package version/source before use.
功能分析
Type: OpenClaw Skill
Name: midea-cloud-control
Version: 1.0.0
The skill stores Midea cloud credentials (account and password) in plain text in a local configuration file (~/.openclaw/midea-cloud-control/config.json), which is a significant security vulnerability. It also employs a 'bootstrap' pattern in SKILL.md that requires the AI agent to write and execute Python code from markdown blocks (generated-midea-skill-cli.md), a high-risk execution flow. While the code logic appears to align with the stated purpose of controlling appliances via the midealocal library, the insecure handling of sensitive user data is a critical flaw.
能力评估
Purpose & Capability
Name/description match what the skill does: it logs into Midea cloud, enumerates devices, caches device metadata, and sends power toggle commands. However the package references the Python library midealocal and aiohttp (and mentions midea-local==6.6.0 in api-notes) but the skill metadata declares no dependencies or install steps — a missing dependency declaration is an operational mismatch.
Instruction Scope
SKILL.md explicitly instructs the agent to write two Python files from the included markdown blobs and execute them. That behavior is consistent with the purpose but is a capability worth noting: the skill writes code to disk and executes it locally. The runtime commands use 'uv run python ...' (a runtime helper that is not declared in required binaries), which is another operational mismatch that may cause failures if 'uv' is not available.
Install Mechanism
There is no install spec (instruction-only), which limits remote code fetch risk. All code to be executed is included in the package as markdown blobs. That reduces supply-chain risk, but the skill still requires third-party Python packages (midealocal, aiohttp) that must already be installed or be installed by other means — this is not declared.
Credentials
The only sensitive data collected are the user's Midea account and password, which the skill legitimately needs. The generated code saves account/password in plaintext under ~/.openclaw/midea-cloud-control/config.json; the SKILL.md instructs to warn the user first, which is appropriate, but plaintext storage is a privacy risk and should be handled with caution (encrypted storage or OS credential store would be safer). No unrelated credentials or env vars are requested.
Persistence & Privilege
The skill does not request always:true and does not modify other skills or system-wide agent settings. It does create local files and a per-user config file in the home directory (its own workspace and ~/.openclaw/...); this is expected for caching credentials and device metadata.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install midea-cloud-control - 安装完成后,直接呼叫该 Skill 的名称或使用
/midea-cloud-control触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release of midea-cloud-control skill:
- Enables connection to a user’s Midea cloud account and local caching of device info.
- Supports listing all discovered Midea devices after account connection.
- Allows powering named Midea air conditioners on or off via cloud APIs.
- Prompts users before first-time credential storage, ensuring privacy.
- Includes only the verified minimum workflow; advanced features (temperature, mode, state) are not supported.
元数据
常见问题
Midea Cloud Control 是什么?
Connect and control Midea devices through the Midea cloud with a local cached account/device config. Use when a user wants to connect a Midea account, list d... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 222 次。
如何安装 Midea Cloud Control?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install midea-cloud-control」即可一键安装,无需额外配置。
Midea Cloud Control 是免费的吗?
是的,Midea Cloud Control 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Midea Cloud Control 支持哪些平台?
Midea Cloud Control 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Midea Cloud Control?
由 Fook(@fooklook)开发并维护,当前版本 v1.0.0。
推荐 Skills