📦 Xiao Mi Home for HA — 语音控米家
v1.0.0通过 Home Assistant REST API 用自然语言指令控制小米/米家生态中的灯光、开关、传感器、空调、风扇、媒体播放器及场景,实现全屋智能一句话操控。
0· 259·1 当前·1 累计
by 下载技能包
最后更新
2026/3/12
安全扫描
OpenClaw
安全
high confidenceNULL
评估建议
Functionally this skill looks coherent for controlling Home Assistant. Before installing: 1) Confirm the registry metadata discrepancy (the published metadata did not list HA_URL/HA_TOKEN while SKILL.md does). 2) Only provide a long‑lived HA token you trust the agent with; avoid pasting it into public or shared chats. 3) Consider creating a Home Assistant token with limited privileges if possible and test the skill using the provided mock server (test-mock.sh) before pointing it at your real HA ...详细分析 ▾
✓ 用途与能力
Name/description (control Xiaomi devices through Home Assistant REST API) align with the declared requirements in SKILL.md (curl, jq, HA_URL, HA_TOKEN). The bundled scripts (test.sh, test-mock.sh, mock-ha-server.py) are test/mock utilities useful for offline and live testing and are consistent with the skill's purpose. Note: registry metadata at the top of the submission shows no required env vars/binaries whereas SKILL.md does declare them — this is an inconsistency in the published metadata but not a functional mismatch.
ℹ 指令范围
SKILL.md only instructs using the Home Assistant REST API (GET /api/states, POST /api/services/...) via curl/jq. It also instructs storing HA_URL/HA_TOKEN in OpenClaw config (openclaw config set) or editing ~/.openclaw/openclaw.json; these actions are within scope for a skill that needs persistent credentials. Caution: the doc suggests pasting long-lived tokens in chat for the AI to run openclaw config set — that is a user-privacy risk (not a technical incoherence).
✓ 安装机制
No install spec (instruction-only runtime) — lowest install risk. The repository includes test scripts and a simple local mock server (Python stdlib) that are harmless local test tooling. No downloads from external/unknown URLs or extracted archives are present.
ℹ 凭证需求
The only runtime secrets the skill needs are HA_URL and a long-lived HA_TOKEN, which are proportional to controlling a Home Assistant instance. There are no unrelated credentials requested. Note the registry metadata did not list these env vars but SKILL.md does — you should confirm the platform will prompt for/provide these before enabling the skill.
✓ 持久化与权限
always:false (normal). The skill's workflow expects to write its own config entries (openclaw config set or editing ~/.openclaw/openclaw.json) so it can persist the HA_TOKEN; this is expected for a skill that must contact your HA instance. It does not request system-wide privileges or modify other skills.
安全有层次,运行前请审查代码。
运行时依赖
无特殊依赖
版本
latestv1.0.02026/3/12
NULL
● 无害
安装命令
点击复制官方npx clawhub@latest install xiaomi-homne-ha
镜像加速npx clawhub@latest install xiaomi-homne-ha --registry https://cn.longxiaskill.com