When to Use
Use this skill when the user wants an agent to connect to their own Tapo cameras on a trusted local network, verify camera reachability, take still captures, and inspect the resulting frames without defaulting to cloud workflows.
This skill is for local camera operations, not general surveillance design. Keep it scoped to user-owned cameras, explicit capture requests, and reversible local workflows.
Architecture
Memory lives in ~/tapo-camera/. If ~/tapo-camera/ does not exist, run setup.md. See memory-template.md for structure.
CODEBLOCK0
Only create cameras.md, sessions/, captures/, or incidents.md if the user wants persistent local state.
Quick Reference
| Topic | File |
|---|
| Setup and activation behavior | INLINECODE8 |
| Memory schema and status values |
memory-template.md |
| Camera inventory template |
cameras.md |
| Incident log template |
incidents.md |
| Discovery, auth, and capability checks |
discovery-and-auth.md |
| Local still-capture and review flows |
snapshot-workflows.md |
| Unofficial API fallback boundary |
api-fallback.md |
| Failure diagnosis and recovery order |
troubleshooting.md |
| Local capture helper |
tapo-capture.py |
Requirements
- - �INLINECODE17
- INLINECODE18� and its
kasa CLI for local discovery, device state, and camera module access - INLINECODE20� for one-frame JPEG capture from RTSP
- A Tapo camera account with RTSP and ONVIF enabled in the Tapo app when the model supports third-party compatibility
- Camera host or IP on the same trusted local network as the agent
- Optional environment variables for the helper:
TAPO_CAMERA_USERNAME, TAPO_CAMERA_PASSWORD, or �INLINECODE23 - Optional unofficial fallback: a local API library only when RTSP or ONVIF is unavailable and the user approves that narrower path
Treat Tapo credentials and KASA_CREDENTIALS_HASH as secrets. Never paste them into chat, commit them to files, or print them back to the user.
Data Storage
Use local notes only when they improve repeatability:
- - the memory file for activation boundaries, privacy limits, and preferred output paths
- INLINECODE25� for camera labels, hosts, model quirks, and stream capability notes
- dated session notes for capture attempts and the exact path that worked
- INLINECODE26� for recurring auth, RTSP, ONVIF, or firmware regressions
- the
captures/ folder for user-approved still images only
Core Rules
1. Prove scope and ownership before touching a camera
- - Confirm the camera belongs to the user and the agent is on the same trusted network segment.
- Start with hostname, model, and whether the camera is a direct device or a hub child.
- Do not scan arbitrary ranges or attempt blind discovery outside the explicit device scope.
2. Prefer maintained local tooling first
- - Use
python-kasa and the kasa CLI for discovery, auth validation, and camera capability checks. - Use RTSP and ONVIF on the local camera only after confirming third-party compatibility is enabled.
- Reach for unofficial APIs only when the maintained local path cannot produce the required capture flow.
3. Separate discovery from capture
- - First prove the device answers and the camera module is present.
- Then derive stream capability and capture a single still to an explicit output path.
- Do not mix auth debugging, network probing, and repeated frame capture in one opaque step.
4. Keep secrets out of chat, disk, and process output
- - Inject camera credentials from a secret manager or ephemeral environment variables.
- Do not store raw passwords, reversible credential blobs, or full authenticated RTSP URLs in local notes.
- The helper may use a live RTSP URL internally for
ffmpeg, but it should not print that URL unless the user explicitly asks.
5. Capture the smallest useful artifact
- - Default to one still image, not continuous recording.
- Write captures only to a user-approved local path under
~/tapo-camera/captures/ or another explicit destination. - Name captures with camera label and timestamp so later inspection stays deterministic.
6. Keep the trust boundary local by default
- - Local Tapo device traffic is allowed only to the camera host on the user's LAN.
- Do not upload frames to cloud vision services, shared drives, or chat surfaces unless the user explicitly requests it.
- If the user wants remote or cloud workflows, stop and restate what data would leave the machine first.
7. Fall back deterministically
- - If
kasa cannot expose a camera module or RTSP URL, check model support, privacy mode, and third-party compatibility before changing approach. - If the camera is a hub child, battery device, or a model with broken RTSP support, use the API fallback playbook and keep that path local-first.
- Record the final working path so the next capture does not repeat the same trial-and-error.
Capture Traps
| Trap | Why It Fails | Better Move |
|---|
| Treating every Tapo device like a direct RTSP camera | Hub children and some battery devices do not expose the same local stream surface | Identify device class first, then choose RTSP, ONVIF, or API fallback |
| Printing the full RTSP URL into logs |
That leaks camera credentials into history and shared output | Keep URLs redacted by default and only reveal them on explicit request |
| Using cloud login assumptions for local capture | Local device auth and camera account setup are separate in practice | Verify the camera account and third-party compatibility state first |
| Jumping straight to repeated frame pulls | Harder to debug and easier to cross privacy boundaries | Prove one still capture before any loop or batch job |
| Storing captures and credentials together | Raises the blast radius if the local folder is copied or synced | Keep images and secrets separate, and never persist secrets in
~/tapo-camera/ |
External Endpoints
| Endpoint | Data Sent | Purpose |
|---|
| INLINECODE34 | local camera authentication and feature queries | local device connection through �INLINECODE35 |
| INLINECODE36� or �INLINECODE37 |
local camera credentials and stream request | still capture via
ffmpeg from the LAN stream |
|
http://{camera-host}:2020/onvif/device_service | local device-service requests | ONVIF capability checks when enabled on the camera |
No third-party endpoint is part of the default workflow.
Security & Privacy
Data that may leave your machine:
- - Nothing to third parties by default
- Local-LAN requests to the user's camera host for auth, capability checks, and frame capture
Data that stays local:
- - User-approved notes under �INLINECODE40
- Captured stills in a local folder chosen by the user
- Troubleshooting logs and device capability notes
This skill does NOT:
- - store camera passwords, tokens, or reversible credential blobs in plain text
- capture or upload images without explicit user intent
- run undeclared cloud vision or cloud relay workflows
- modify camera firmware, privacy settings, or motor position by default
- access files outside the working directory or
~/tapo-camera/ for memory
Scope
This skill ONLY:
- - connects to user-owned Tapo cameras on a trusted local network
- validates local access with maintained tools
- captures still images to explicit local paths
- documents the minimum fallback needed when RTSP or ONVIF is unavailable
This skill NEVER:
- - brute-force camera credentials or scan arbitrary networks
- enable silent background monitoring
- upload frames to external services by default
- treat hub children, battery devices, and direct cameras as interchangeable
- rewrite the installed skill files
Related Skills
Install with
clawhub install <slug> if user confirms:
- -
cameras - broader camera capture and review workflows outside the Tapo-specific lane - INLINECODE44� - deeper frame extraction, transcoding, and media inspection once capture works
- INLINECODE45� - ecosystem-level device coordination and automation planning
- INLINECODE46� - local-device debugging and network-aware connector reasoning
- INLINECODE47� - organize and inspect saved captures after acquisition
Feedback
- - If useful: �INLINECODE48
- Stay updated: �INLINECODE49
何时使用
当用户希望代理连接到其位于可信本地网络上的自有Tapo摄像头、验证摄像头可达性、拍摄静态画面并检查生成的帧(不依赖云端工作流)时,使用此技能。
此技能用于本地摄像头操作,而非通用监控设计。请将其范围限定为用户自有摄像头、明确的拍摄请求以及可逆的本地工作流。
架构
记忆文件位于 ~/tapo-camera/。如果 ~/tapo-camera/ 不存在,请运行 setup.md。结构请参见 memory-template.md。
text
~/tapo-camera/
├── memory.md # 激活边界、首选拍摄默认值和信任限制
├── cameras.md # 主机名、标签、型号说明和流能力
├── sessions/
│ └── YYYY-MM-DD.md # 拍摄尝试、失败记录和有效方法
├── captures/
│ └── ... # 仅用户批准的本地静态图像
└── incidents.md # 认证、网络、RTSP和特定型号故障记录
仅当用户希望保留本地状态时,才创建 cameras.md、sessions/、captures/ 或 incidents.md。
快速参考
| 主题 | 文件 |
|---|
| 设置和激活行为 | setup.md |
| 记忆模式和状态值 |
memory-template.md |
| 摄像头清单模板 | cameras.md |
| 事件日志模板 | incidents.md |
| 发现、认证和能力检查 | discovery-and-auth.md |
| 本地静态拍摄和审查流程 | snapshot-workflows.md |
| 非官方API回退边界 | api-fallback.md |
| 故障诊断和恢复顺序 | troubleshooting.md |
| 本地拍摄辅助工具 | tapo-capture.py |
要求
- - python3
- python-kasa 及其 kasa CLI,用于本地发现、设备状态和摄像头模块访问
- ffmpeg,用于从RTSP流中提取单帧JPEG
- 一个Tapo摄像头账户,并在Tapo应用中为支持第三方兼容性的型号启用RTSP和ONVIF
- 摄像头主机或IP与代理位于同一可信本地网络上
- 辅助工具的可选环境变量:TAPOCAMERAUSERNAME、TAPOCAMERAPASSWORD 或 KASACREDENTIALSHASH
- 可选的非官方回退:仅在RTSP或ONVIF不可用且用户批准该受限路径时使用的本地API库
将Tapo凭据和 KASACREDENTIALSHASH 视为机密。切勿将其粘贴到聊天中、提交到文件或回显给用户。
数据存储
仅在能提高可重复性时使用本地笔记:
- - 记忆文件用于激活边界、隐私限制和首选输出路径
- cameras.md 用于摄像头标签、主机、型号特性和流能力说明
- 带日期的会话笔记用于拍摄尝试和有效的确切路径
- incidents.md 用于重复出现的认证、RTSP、ONVIF或固件回归问题
- captures/ 文件夹仅用于用户批准的静态图像
核心规则
1. 在操作摄像头前确认范围和所有权
- - 确认摄像头属于用户,且代理位于同一可信网络段。
- 从主机名、型号以及摄像头是直接设备还是集线器子设备开始。
- 不要扫描任意范围或在明确设备范围之外进行盲目发现。
2. 优先使用维护良好的本地工具
- - 使用 python-kasa 和 kasa CLI 进行发现、认证验证和摄像头能力检查。
- 仅在确认第三方兼容性已启用后,才在本地摄像头上使用RTSP和ONVIF。
- 仅当维护良好的本地路径无法产生所需的拍摄流程时,才使用非官方API。
3. 将发现与拍摄分开
- - 首先确认设备响应且摄像头模块存在。
- 然后推导流能力,并将单张静态图像拍摄到明确的输出路径。
- 不要将认证调试、网络探测和重复帧捕获混在一个不透明的步骤中。
4. 将机密信息排除在聊天、磁盘和进程输出之外
- - 从机密管理器或临时环境变量注入摄像头凭据。
- 不要在本地笔记中存储原始密码、可逆凭据块或完整的已认证RTSP URL。
- 辅助工具可在内部使用实时RTSP URL供 ffmpeg 使用,但除非用户明确要求,否则不应打印该URL。
5. 捕获最小有用的工件
- - 默认拍摄一张静态图像,而非连续录制。
- 仅将捕获内容写入用户批准的本地路径,位于 ~/tapo-camera/captures/ 或其他明确目标下。
- 使用摄像头标签和时间戳命名捕获内容,以便后续检查保持确定性。
6. 默认保持信任边界在本地
- - 本地Tapo设备流量仅允许发往用户局域网上的摄像头主机。
- 除非用户明确要求,否则不要将帧上传到云端视觉服务、共享驱动器或聊天界面。
- 如果用户希望使用远程或云端工作流,请先停止并重新说明哪些数据将离开机器。
7. 确定性回退
- - 如果 kasa 无法暴露摄像头模块或RTSP URL,在更改方法前先检查型号支持、隐私模式和第三方兼容性。
- 如果摄像头是集线器子设备、电池设备或RTSP支持有问题的型号,请使用API回退方案,并保持该路径以本地优先。
- 记录最终有效路径,以便下次拍摄不会重复相同的试错过程。
拍摄陷阱
| 陷阱 | 失败原因 | 更好的做法 |
|---|
| 将每个Tapo设备都视为直接RTSP摄像头 | 集线器子设备和某些电池设备不暴露相同的本地流接口 | 先识别设备类别,然后选择RTSP、ONVIF或API回退 |
| 将完整RTSP URL打印到日志中 |
这会将摄像头凭据泄露到历史和共享输出中 | 默认对URL进行编辑,仅在明确请求时显示 |
| 使用云端登录假设进行本地拍摄 | 本地设备认证和摄像头账户设置实际上是分开的 | 先验证摄像头账户和第三方兼容性状态 |
| 直接跳到重复帧拉取 | 更难调试,且更容易跨越隐私边界 | 在任何循环或批处理任务前先证明单张静态拍摄可行 |
| 将捕获内容和凭据存储在一起 | 如果本地文件夹被复制或同步,会扩大影响范围 | 将图像和机密分开存储,且切勿在 ~/tapo-camera/ 中持久化机密 |
外部端点
| 端点 | 发送的数据 | 目的 |
|---|
| https://{camera-host} | 本地摄像头认证和功能查询 | 通过 python-kasa 进行本地设备连接 |
| rtsp://{camera-host}:554/stream1 或 stream2 |
本地摄像头凭据和流请求 | 通过 ffmpeg 从局域网流中捕获静态图像 |
| http://{camera-host}:2020/onvif/device_service | 本地设备服务请求 | 摄像头启用ONVIF时的能力检查 |
默认工作流中不包含任何第三方端点。
安全与隐私
可能离开您机器的数据:
- - 默认情况下不会发送给第三方
- 发往用户摄像头主机的本地局域网请求,用于认证、能力检查和帧捕获
保持本地的数据:
- - 用户批准的 ~/tapo-camera/ 下的笔记
- 用户选择的本地文件夹中的捕获静态图像
- 故障排除日志和设备能力说明
此技能不会:
- - 以明文形式存储摄像头密码、令牌或可逆凭据块
- 在无明确用户意图的情况下捕获或上传图像
- 运行未声明的云端视觉或云端中继工作流
- 默认修改摄像头固件、隐私设置或电机位置
- 访问工作目录或 ~/tapo-camera/ 之外的文件用于记忆
范围
此技能仅:
- - 连接到可信本地网络上用户自有的Tapo摄像头
- 使用维护良好的工具验证本地访问
- 将静态图像捕获到明确的本地路径
- 记录RTSP或ONVIF不可用时所需的最小回退方案
此技能绝不:
- - 暴力破解摄像头凭据或扫描任意网络
- 启用静默后台监控
- 默认将帧上传到外部服务
- 将集线器子设备、电池设备和直接摄像头视为可互换
- 重写已安装的技能文件
相关技能
如果用户确认,使用 clawhub install
安装:
- - cameras - 更广泛的摄像头捕获和审查工作流(超出Tapo特定范围)
- ffmpeg - 更深入的帧提取、转码和媒体检查(在捕获工作后)
- smart-home - 生态系统级别的设备协调和自动化
