zigbee2mqtt
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: Manages the Zigbee2MQTT service using systemctl commands and interacts with the MQTT broker using mosquitto_pub and mosquitto_sub.
- [EXTERNAL_DOWNLOADS]: Directs users to official installation steps and firmware updates hosted on well-known project repositories on GitHub.
- [PROMPT_INJECTION]: Ingests untrusted data from local configuration files and MQTT messages; capability inventory includes systemctl and mosquitto_pub; sanitization is achieved through the use of json.tool and yaml.safe_load for parsing external content.
Audit Metadata