Skip to main content

esp32-workbench-ota

Facilitates over-the-air firmware updates for ESP32 devices, enabling seamless updates without serial connections.

Install this skill

or
47/100

Security score

The esp32-workbench-ota skill was audited on Mar 3, 2026 and we found 21 security issues across 2 threat categories. Review the findings below before installing.

Categories Tested

Security Issues

medium line 38

Curl to non-GitHub URL

SourceSKILL.md
38curl -X POST http://192.168.0.87:8080/api/firmware/upload \
medium line 48

Curl to non-GitHub URL

SourceSKILL.md
48curl -s http://192.168.0.87:8080/api/firmware/list | jq .
medium line 58

Curl to non-GitHub URL

SourceSKILL.md
58curl -X DELETE http://192.168.0.87:8080/api/udplog
medium line 66

Curl to non-GitHub URL

SourceSKILL.md
66curl -X POST http://192.168.0.87:8080/api/wifi/http \
medium line 75

Curl to non-GitHub URL

SourceSKILL.md
75curl "http://192.168.0.87:8080/api/udplog?limit=50"
medium line 78

Curl to non-GitHub URL

SourceSKILL.md
78curl -X POST http://192.168.0.87:8080/api/serial/monitor \
medium line 87

Curl to non-GitHub URL

SourceSKILL.md
87curl http://192.168.0.87:8080/api/firmware/list
medium line 90

Curl to non-GitHub URL

SourceSKILL.md
90curl -X DELETE http://192.168.0.87:8080/api/firmware/delete \
low line 8

External URL reference

SourceSKILL.md
8Base URL: `http://192.168.0.87:8080`
low line 38

External URL reference

SourceSKILL.md
38curl -X POST http://192.168.0.87:8080/api/firmware/upload \
low line 48

External URL reference

SourceSKILL.md
48curl -s http://192.168.0.87:8080/api/firmware/list | jq .
low line 53

External URL reference

SourceSKILL.md
53The device must be able to reach `http://192.168.0.87:8080`. Use enter-portal to provision if needed (see esp32-workbench-wifi).
low line 58

External URL reference

SourceSKILL.md
58curl -X DELETE http://192.168.0.87:8080/api/udplog
low line 64

External URL reference

SourceSKILL.md
64OTA_BODY=$(echo -n '{"url":"http://192.168.0.87:8080/firmware/my-project/firmware.bin"}' | base64)
low line 66

External URL reference

SourceSKILL.md
66curl -X POST http://192.168.0.87:8080/api/wifi/http \
low line 68

External URL reference

SourceSKILL.md
68-d "{\"method\": \"POST\", \"url\": \"http://192.168.4.2/ota\", \"headers\": {\"Content-Type\": \"application/json\"}, \"body\": \"$OTA_BODY\", \"timeout\": 30}"
low line 75

External URL reference

SourceSKILL.md
75curl "http://192.168.0.87:8080/api/udplog?limit=50"
low line 78

External URL reference

SourceSKILL.md
78curl -X POST http://192.168.0.87:8080/api/serial/monitor \
low line 87

External URL reference

SourceSKILL.md
87curl http://192.168.0.87:8080/api/firmware/list
low line 90

External URL reference

SourceSKILL.md
90curl -X DELETE http://192.168.0.87:8080/api/firmware/delete \
low line 95

External URL reference

SourceSKILL.md
95# http://192.168.0.87:8080/firmware/<project>/<filename>
Scanned on Mar 3, 2026
View Security Dashboard

Install this skill with one command

/learn @sensorsiot/esp32-workbench-ota
GitHub Stars 3
Rate this skill
Categorydevelopment
UpdatedMarch 29, 2026
openclawbackendbackend-developerdevops-sreproduct-managerdevelopmentproduct
SensorsIot/Universal-ESP32-Workbench