Back to skill
Skillv1.0.3
VirusTotal security
Home Assistant Control · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 30, 2026, 4:10 AM
- Hash
- 816182eb360816497d7537067fa5663f978d1d90a925c142cb66573b51471ed9
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: home-assistant-control Version: 1.0.3 The skill bundle is benign. It demonstrates robust security practices, particularly in `scripts/ha_env.sh` which safely parses environment files by allowlisting keys and avoiding `source`/`eval` for untrusted paths. `scripts/ha_call.sh` and `scripts/ha_safe_action.sh` implement strict input validation, URL scheme checks, API path scoping, and use `jq --arg` for safe JSON payload construction, mitigating shell and JSON injection risks. There is no evidence of data exfiltration, malicious execution, persistence mechanisms, or prompt injection attempts in the documentation (`SKILL.md`, `README.md`).
- External report
- View on VirusTotal