home-assistant-automation-scripts
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION] (LOW): Indirect Prompt Injection Surface. The skill instructions enable the agent to ingest external, potentially untrusted data from a Home Assistant instance and use it to perform actions with side effects.
- Ingestion points: The skill uses tools like
ha_get_overview,ha_search_entities,ha_config_get_automation,ha_get_logbook,ha_get_history, andha_get_statisticsto pull data into the context. - Boundary markers: Absent. There are no delimiters or specific instructions for the agent to disregard instructions that might be embedded in entity names, attributes, or log entries.
- Capability inventory: The skill can create or update configurations via
ha_config_set_automationandha_config_set_script, import logic viaha_import_blueprint, and execute dynamic logic viaha_eval_template. - Sanitization: Absent. No validation or sanitization rules are defined to check the integrity or safety of the retrieved data before it influences the agent's logic or configuration changes.
Audit Metadata