The Agent Skills Directory

[COMMAND_EXECUTION]: The skill provides Python implementation details for communicating with the Home Assistant WebSocket API to automate dashboard management tasks. Evidence: scripts in SKILL.md and references/reference.md demonstrate methods for installing HACS repositories and querying system information.
[EXTERNAL_DOWNLOADS]: The skill facilitates the download and installation of custom frontend cards from well-known community repositories via the HACS integration. Evidence: it provides configuration and installation IDs for repositories such as mini-graph-card, apexcharts-card, and Mushroom cards.
[PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by ingesting system data that could potentially be influenced by external actors. Ingestion points: Data is ingested via WebSocket calls for system logs (system_log/list), dashboard configurations (lovelace/config), and entity states (get_states) in references/reference.md. Boundary markers: The provided scripts do not include explicit delimiters or instructions to ignore embedded commands within the ingested log or state data. Capability inventory: The skill has the capability to modify the environment by downloading new software components (hacs/repository/download) and performing network operations on the local instance. Sanitization: There is no explicit sanitization or validation logic for the data retrieved from the Home Assistant API before it is processed.

ha-custom-cards