skills/aahl/skills/mcp-hass/Gen Agent Trust Hub

mcp-hass

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUM
Categories: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • EXTERNAL_DOWNLOADS (MEDIUM): The skill relies on npx -y mcporter for its core functionality. This command fetches and executes the mcporter package from the npm registry at runtime without version pinning. Since the author 'steipete' is not a pre-approved trusted source, this is considered an unverifiable dependency.
  • COMMAND_EXECUTION (LOW): The skill requires the agent to execute shell commands to perform actions and query states in Home Assistant via the mcporter CLI.
  • PROMPT_INJECTION (LOW): (Category 8 - Indirect) The skill provides a surface for indirect prompt injection by ingesting untrusted data from the Home Assistant API via the GetLiveContext call.
      • Ingestion points: Data returned by home-assistant.GetLiveContext as described in SKILL.md.
      • Boundary markers: Absent; the agent is not instructed to treat data from Home Assistant as untrusted or to ignore embedded instructions.
      • Capability inventory: Shell command execution and device state modification via npx.
      • Sanitization: No sanitization or validation of the Home Assistant response data is mentioned.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 17, 2026, 04:57 PM