home-assistant

Pass

Audited by Gen Agent Trust Hub on Feb 26, 2026

Risk Level: SAFE
COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The ha_call_service.py script enables the agent to execute arbitrary service calls on the Home Assistant instance, providing the necessary functionality to control smart home devices as requested by the user.
  • [DATA_EXFILTRATION]: Scripts like ha_get_config.py and ha_get_config_entries.py transmit Home Assistant configuration data and integration identifiers to the agent's context. This communication occurs with https://ha.cullen.rocks, a domain associated with the skill author's infrastructure.
  • [PROMPT_INJECTION]: The skill presents an attack surface for indirect prompt injection by processing external data from the Home Assistant API (such as entity names and automation traces) without explicit sanitization or boundary markers.
      1. Ingestion points: scripts/ha_get_entities.py, scripts/ha_get_state.py, scripts/ha_get_automations.py, scripts/ha_list_traces.py, scripts/ha_get_trace.py, scripts/ha_search_dashboards.py.
      2. Boundary markers: Absent.
      3. Capability inventory: scripts/ha_call_service.py (arbitrary service calls).
      4. Sanitization: Absent.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 26, 2026, 01:06 AM