Homeassistant N8n Agent

Security checks across malware telemetry and agentic risk

Overview

This looks like a real n8n/Home Assistant bridge, but it can send broad home-automation commands to an unreviewed local workflow without documented safety checks.

Install only if you control the referenced n8n instance and have reviewed the workflow behind the webhook. Add authentication or keep the webhook strictly local, limit Home Assistant permissions, and require confirmation for any action that changes devices or could affect safety, security, comfort, or privacy.

VirusTotal

66/66 vendors flagged this skill as clean.

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

ASI02: Tool Misuse and Exploitation
Medium
What this means

A mistaken, ambiguous, or over-broad request could cause the agent to change home devices through n8n.

Why it was flagged

The skill instructs the agent to turn user prompts into action requests that can change IoT device states, with no documented confirmation step, allowlist, safety policy, or rollback guidance.

Skill content
Is the inquiry asking for an IoT device state to be changed? If so, `requestType` is `action`
Recommendation

Require explicit user confirmation for device-changing actions, define allowed devices/actions, and block or add extra confirmation for safety-sensitive automations such as locks, alarms, heaters, or HVAC.

ASI04: Agentic Supply Chain Vulnerabilities
Medium
What this means

Users cannot tell from the skill package what the local n8n workflow will actually do with home, calendar, or device-control requests.

Why it was flagged

The core behavior is delegated to an n8n workflow, but the provided artifacts include only SKILL.md and no workflow definition, setup spec, or reviewed automation logic.

Skill content
Uses curl to trigger an n8n workflow for all things related to IoT.
Recommendation

Publish the n8n workflow export or setup instructions, document required Home Assistant permissions, and tell users to verify the webhook points to their own reviewed workflow.

ASI03: Identity and Privilege Abuse
Low
What this means

If the webhook or n8n instance is exposed or over-privileged, OpenClaw requests could trigger more home-automation authority than the user intended.

Why it was flagged

The documented call uses a localhost n8n webhook and no explicit authentication header; the n8n workflow likely acts using its existing Home Assistant privileges.

Skill content
curl -X POST http://localhost:5678/webhook/05f3f217-08b9-42de-a84a-e13f135bde73
Recommendation

Protect the n8n webhook, keep it local or authenticated, and use least-privileged Home Assistant credentials for the workflow.

ASI07: Insecure Inter-Agent Communication
Low
What this means

Private home or calendar details may be processed or logged by the n8n workflow and any services it connects to.

Why it was flagged

The skill forwards the user's full request to an n8n webhook, including requests about historical IoT data and calendar/schedule information; this is expected for the bridge but downstream logging and sharing are not described.

Skill content
chatInput ... USERS QUESTION/REQUEST ... requestType ... sessionId ... openclaw
Recommendation

Review the n8n workflow's logging, data retention, and external integrations, and consider using per-user or per-session IDs instead of one fixed sessionId.