ha-api
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill ingests untrusted data from the Home Assistant environment which can be manipulated to influence agent behavior.
- Ingestion points: The skill reads entity states via /api/states and monitors events through WebSocket subscriptions.
- Boundary markers: No specific delimiters or "ignore embedded instructions" markers are used when processing external data.
- Capability inventory: The skill utilizes requests, aiohttp, and curl to execute service calls and update states, providing a mechanism for an injection to trigger actions.
- Sanitization: No sanitization or validation logic is present in the provided code templates or documentation.
- [CREDENTIALS_UNSAFE] (SAFE): No hardcoded credentials or secrets were detected; the skill uses environment variable placeholders (HA_TOKEN) for authentication.
- [EXTERNAL_DOWNLOADS] (SAFE): The skill recommends well-known, trusted Python libraries (requests, aiohttp) from the official PyPI registry.
Audit Metadata