Installing packages from unknown repo

Hi, newbie here
I saw this repo:

There is lot of useful packages like cpu-stats , cpu-temp etc..
Im affraid to install it, some of the packages are for Openwrt >=21 and I have Snapshot.
If I installed it, it can make any harm to my cpu etc?
I saw it working. But is it safe? I immediately remove it...

With resepct to any and all external repos:
Obviously you could read the source code itself, but unless you do that, you have to put your trust in the maintainer of the repo with resepect to security -- do they have everything up to date with appropriate patches? have the added any code that inadvertently introduces a security vulnerability? or worse, might they have injected malicious code?

Note, I do not know anything about the specific repo in question, so I am not pointing any fingers... but this is a risk one must consider when using 3rd party sources that are outside the scope of a given project -- it could be totally fine or it could be problematic.

Regarding compatability -- I would say that it is quite unlikely that packages of this nature could cause physical harm to your device. But incompatible versions could cuase problems with normal operation. Incompatbilities can span the gamut from low level kernel versioning all the way up to userland/interface related changes that have been made since the repo in question was last updated. The opkg package manager system is supposed to prevent kernel version mismatches and it will typically look for all the dependencies before installing, but it doesn't have a way to do complete compatibility tests.

Meanwhile, the OpenWrt repos contain many of the types of packages you seem to desire. Have you searched the standard repos?

Finally, on the snapshot -- is there a specific reason that you're using snapshot and not a stable release? In many cases, unless the user needs snapshot, it's often recommended to use the stable releases since snapshots may contain unknown/new/transient bugs, and package installations become mroe challenging because as well (you may be unable to install new package from the official repos after as little as 24 hours after the snapshot was completed).


Thanks for your reply.

My concern is more about reading cpu temp and cpu load.
I mean it can harm my cpu? Maybe the reading stats can make something bad for my cpu?

I'm on Snapshot cuz my router is got officially month ago (Redmi AX6). Only Snapshot is available now.

Very unlikely.


There are collectd plugins (in OpenWrt's main packages feed) for that, which can do the accounting and graphing of these values.