home-assistant-integrations-addons
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [No Executable Code] (SAFE): The skill consists entirely of Markdown files providing guidance and tool mapping for an external MCP server. It does not include scripts, binaries, or configuration files that execute logic locally.
- [Indirect Prompt Injection] (SAFE): The skill facilitates actions that modify system state (e.g., deleting configurations, restarting the core) based on user instructions. While it includes documentation for safe operations, it relies on the agent's internal safety filters to interpret user intent correctly. As these capabilities are central to the skill's primary management purpose, the inherent risk is considered acceptable.
- Ingestion points: User requests for Home Assistant management within the
SKILL.mdworkflow. - Boundary markers: Not specified within the skill instructions.
- Capability inventory:
ha_delete_config_entry,ha_restart,ha_set_integration_enabled(defined inSKILL.md). - Sanitization: Relies on the external
ha-mcptools and agent guardrails.
Audit Metadata