Skills
skills/phuetz/code-buddy/smart-home/Gen Agent Trust Hub

smart-home

Pass

Audited by Gen Agent Trust Hub on Mar 18, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: Employs curl and jq commands to interact with local IoT device APIs for device discovery and state management.
  • [EXTERNAL_DOWNLOADS]: Contacts discovery.meethue.com, a well-known official service provided by Philips Hue, to locate bridge hardware on the local network.
  • [INDIRECT_PROMPT_INJECTION]:
  • Ingestion points: Reads device state and metadata (e.g., scene names, light states) from local Home Assistant and Philips Hue API responses in SKILL.md.
  • Boundary markers: No explicit boundary markers or instructions to ignore embedded content are provided when processing device data.
  • Capability inventory: The skill uses curl for network requests and jq for JSON parsing across all commands.
  • Sanitization: No specific sanitization or filtering is applied to the data retrieved from the IoT APIs before it is displayed or processed.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 18, 2026, 07:13 AM