Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Homeassistant Skill

v2.1.0

Control Home Assistant devices and automations via REST API. 25 entity domains including lights, climate, locks, presence, weather, calendars, notifications, scripts, and more. Use when the user asks about their smart home, devices, or automations.

7 · 4.8k · 17 current · 19 all-time

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan

VirusTotal: Suspicious
OpenClaw: Benign (high confidence)
Purpose & Capability
Name/description align with requirements: curl and jq are appropriate, and HA_URL/HA_TOKEN are exactly what a REST-based Home Assistant skill needs.
Instruction Scope
SKILL.md only instructs calling Home Assistant REST endpoints (states, services, template, history, etc.) using HA_URL and HA_TOKEN. These calls are within the skill's purpose, but template/history/logbook endpoints can expose sensitive local data (presence, logs, calendar entries). The skill includes explicit safety rules for locks/alarms/garage doors.
Install Mechanism
Instruction-only skill with no install spec or code files — nothing is downloaded or written to disk by the skill itself.
Credentials
Only HA_URL and HA_TOKEN are required and HA_TOKEN is declared as primaryEnv. The number and type of secrets requested are proportional to the stated capabilities.
Persistence & Privilege
always:false and normal model-invocation settings. The skill does not request permanent system presence or modify other skills/config; no elevated platform privileges are requested.
Assessment
This skill appears coherent and does what it says: it issues REST calls to your Home Assistant instance using HA_URL and a long-lived HA_TOKEN. Before installing, consider:

1) Treat HA_TOKEN as a full-access secret — only provide a token tied to a dedicated, limited account if possible (long-lived tokens are tied to a user).
2) Verify the GitHub project/homepage and review commits or issues if you don't trust the publisher.
3) Be aware calls to templates, history, and logbook can read sensitive local data (presence, calendars, logs); the skill's safety rules call out critical actions but you should confirm any lock/alarm/garage commands.
4) Ensure the agent that will use this skill has network access only to the intended HA_URL.

If you need stricter controls, avoid supplying a full-access token or run the skill in an environment where you can audit requests.

Latest version: vk9718aqc2mdqh7vfefg94fcgbh810dmk


Runtime requirements

Bins: curl, jq
Env: HA_URL, HA_TOKEN
Primary env: HA_TOKEN
