Homeassistant Mcp
WarnAudited by ClawScan on May 17, 2026.
Overview
The skill matches a Home Assistant use case, but it directs the agent to use a long-lived smart-home token with a fixed unencrypted endpoint and raw curl commands for cameras and device state.
Install only if you recognize and control the Home Assistant endpoint shown in the skill. Before using it, confirm the token, network path, and entity memory file are safe, and require explicit user confirmation for any device or garage-door operation.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If installed or used incorrectly, the agent may send a powerful smart-home token to a specific endpoint and gain broad access to the home environment exposed there.
A Home Assistant long-lived token can grant broad access to cameras, sensors, garage controls, and devices. The target endpoint is fixed in the instructions, while the registry metadata does not declare a primary credential or env var requirement.
The MCP server endpoint is `http://220.0.0.5:8123/api/mcp`. Ensure the connection is configured with the correct Long-Lived Access Token.
Use this only if the endpoint is yours and trusted. Prefer a user-configured HTTPS/private endpoint and a dedicated low-privilege Home Assistant account or token where possible.
Camera images, device states, and authorization tokens could be exposed to an unintended or unencrypted network path.
The skill sends a bearer token and retrieves camera images over a fixed HTTP endpoint. For camera and smart-home data, the communication boundary and transport security are material concerns unless the address is known to be a trusted local/private network.
curl -s -H "Authorization: Bearer <TOKEN>" "http://220.0.0.5:8123/api/camera_proxy/camera.<entity_id>" -o /home/clawd/.openclaw/workspace/<filename>.jpg
Verify the endpoint before use, prefer HTTPS or a trusted local/VPN route, and avoid sending tokens to hard-coded addresses you do not control.
The agent may use lower-level commands to access smart-home data, which is harder for users to audit and can be riskier if the endpoint, token, entity ID, or output path is wrong.
The skill intentionally bypasses structured MCP camera/status tools with raw shell/API calls carrying a bearer token. This is related to the stated purpose, but it reduces tool-boundary protections for sensitive camera and device data.
Always use `exec` with `curl` to the REST API to get camera snapshots... If MCP tools timeout, fallback to the REST API
Prefer scoped MCP tools when available, require clear user intent for sensitive camera or device actions, and keep REST fallbacks narrowly configured.
A stored entity list could reveal details about the home and may cause the agent to act on outdated or incorrect device names.
The skill relies on a persistent local memory file for Home Assistant areas and entities. This is purpose-aligned, but it may contain sensitive home layout/device information and could influence future actions if stale or modified.
Review `/home/clawd/.openclaw/workspace/memory/home-assistant-entities.md` for a full list of areas and key entities.
Keep the memory file private, review it for accuracy, and remove sensitive or obsolete entities.