Back to skill

Security audit

๐Ÿ  Home Assistant via MCP protocol

Security checks across malware telemetry and agentic risk

Overview

This skill openly connects an agent to Home Assistant so it can query and control smart-home devices, with no evidence of hidden or unrelated behavior.

Install only if you want an agent to access Home Assistant. Use a dedicated, least-privileged token where possible, review commands that change device state, and be especially careful with locks, alarms, heaters, garage doors, appliances, or other safety-relevant devices.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill explicitly documents commands that turn devices on/off and change smart-home settings, but it does not warn that these actions affect real physical devices and environments. In a Home Assistant context, an agent or user could invoke these examples against live systems and unintentionally alter lighting, fans, or other connected devices, creating safety, privacy, or operational risks.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.