Low risk — risk score 25/100
Last scan: 21 hours ago
midea-cloud-control
Connect and control Midea devices through the Midea cloud with a local cached account/device config. Supports connect, list, and power toggle.
This is a legitimate Midea cloud control skill that stores user credentials in plaintext on disk — a significant but documented and disclosed security concern with no evidence of exfiltration or covert behavior.
Skill name: midea-cloud-control
Analysis time: 46.3s
Engine: pi
Verdict: safe to install
Accept the skill but warn users that passwords are stored in plaintext in ~/.openclaw/midea-cloud-control/config.json. Pin midealocal to a specific version (e.g., ==6.6.0) to prevent supply-chain surprises. Add an allowed-tools declaration mapping uv/Bash/Read/Write.

Security findings: 3

Severity | Finding | Location

Severity: High
Finding: Plaintext password storage on disk (category: credential theft)
Location: references/generated-midea-skill-cli.md:65
The connect command stores the user's Midea account password in plaintext in ~/.openclaw/midea-cloud-control/config.json. If this file is compromised (malware, unauthorized access), the attacker gains the user's Midea cloud password in cleartext.
Evidence:
path = save_config({
    "account": account,
    "password": password,   # written to config.json in cleartext
    "cloud_name": cloud_name,
    "devices": devices,
})
→ Recommendation: Either encrypt the stored credentials (e.g., using keyring or a symmetric key from the environment), or use token-based auth. If plaintext storage is unavoidable, warn users prominently and advise using a dedicated Midea account.

Severity: Medium
Finding: Unpinned midealocal dependency version (category: supply chain)
Location: references/generated-midea-skill-cli.md:9
The generated midea_skill_cli.py imports 'from midealocal.cloud import MideaCloud, get_midea_cloud' without a version constraint. api-notes.md references midea-local==6.6.0, but this is not enforced. A future malicious or buggy release could alter behavior.
Evidence:
from midealocal.cloud import MideaCloud, get_midea_cloud
→ Recommendation: Add a requirements.txt or pin the version in the uv run command: 'uv run --with midea-local==6.6.0 python ...'

Severity: Low
Finding: Missing allowed-tools declaration (category: documentation deception)
Location: SKILL.md:1
The SKILL.md does not include an allowed-tools declaration mapping to the capability model. While the workflow is documented in prose, the formal mapping (Bash→shell:WRITE, Read→filesystem:READ, Write→filesystem:WRITE) is absent.
Evidence:
No allowed-tools section present
→ Recommendation: Add an allowed-tools declaration per the capability model: 'allowed-tools: Bash, Read, Write'
Resource type | Declared permission | Inferred permission | Status | Evidence
Filesystem | WRITE | WRITE | ✓ Consistent | SKILL.md bootstrap step writes config_store.py and midea_skill_cli.py; generated…
Command execution | WRITE | WRITE | ✓ Consistent | SKILL.md executes 'uv run python skills_runtime/midea-cloud-control/midea_skill_…
Network access | READ | READ | ✓ Consistent | generated-midea-skill-cli.py uses aiohttp to call Midea cloud APIs (login, list,…
Environment variables | NONE | NONE | | No environment variable access found
Skill invocation | NONE | NONE | | No nested skill invocation
Clipboard | NONE | NONE | | No clipboard access
Browser | NONE | NONE | | No browser access
Database | NONE | NONE | | No database access

Directory structure

4 files · 11.7 KB · 346 lines
Markdown: 4 files · 346 lines
├─ 📁 references
│ ├─ 📝 api-notes.md Markdown 21L · 878 B
│ ├─ 📝 generated-config-store.md Markdown 30L · 866 B
│ └─ 📝 generated-midea-skill-cli.md Markdown 186L · 6.0 KB
└─ 📝 SKILL.md Markdown 109L · 4.0 KB

Dependency analysis: 2 packages

Package | Version | Source | Known vulnerabilities | Notes
midealocal | unpinned | pip | none listed | api-notes.md references 6.6.0, but the generated CLI does not enforce a version pin. A future release could alter behavior.
aiohttp | unpinned | pip | none listed | Used as the HTTP client; no version constraint

Security highlights

✓ No base64-encoded execution, obfuscation, or anti-analysis techniques detected
✓ No network requests to unexpected/external IPs — all API calls go to Midea cloud infrastructure
✓ No credential exfiltration — passwords are stored locally only for Midea API authentication
✓ No reverse shell, C2, or covert data transfer mechanisms
✓ Documentation is thorough and explicitly discloses credential storage location and behavior
✓ No hidden HTML comments, embedded scripts, or shadow functionality
✓ The skill is a pure-text publishable skill with no binary artifacts