ha-api-access

Pass

Audited by Gen Agent Trust Hub on Mar 4, 2026

Risk Level: SAFE
Finding categories: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes curl commands to interact with the Home Assistant REST API and uses python3 (both the json.tool module and inline scripts) to format and filter the results.
  • [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection by processing external data from a Home Assistant instance.
  • Ingestion points: Untrusted data enters the agent context through API responses from $HA_URL/api/states and $HA_URL/api/config within SKILL.md.
  • Boundary markers: There are no delimiters or instructions provided to the agent to treat the retrieved API data as non-executable content or to ignore potential instructions embedded within entity states.
  • Capability inventory: The skill utilizes subprocess calls for curl and python3, providing a functional path for any injected instructions to trigger further commands.
  • Sanitization: No sanitization, validation, or escaping is applied to the values retrieved from the Home Assistant API before they are presented to the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 4, 2026, 03:05 PM