mijia
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill defines local execution patterns for controlling device hardware. The provided Python script uses the
argparsemodule to validate inputs such as brightness ranges (1-100) and color temperature, preventing malformed commands from being executed. - [EXTERNAL_DOWNLOADS]: The skill lists
mijiaapias a dependency inpyproject.toml. This is a standard library for interacting with Xiaomi's ecosystem and is fetched from the official Python Package Index (PyPI). - [CREDENTIALS_UNSAFE]: Sensitive device identifiers are managed through the
MIJIA_LAMP_DIDenvironment variable rather than being hardcoded in the source code. The authentication process for the Xiaomi account is handled interactively via the library, ensuring no login credentials are stored within the skill files.
Audit Metadata