Home Assistant CLI
Pass
Audited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill
Name: homeassistant-cli
Version: 1.0.0
The skill bundle is a legitimate wrapper for the `hass-cli` tool, providing documentation and examples for Home Assistant control. It instructs the user to configure sensitive `HASS_TOKEN` and `HASS_SERVER` environment variables, which is standard for `hass-cli`. The use of `eval` for shell auto-completion in `references/autocomplete.md` is a common and expected pattern for CLI tools, not indicative of malicious execution. All commands and instructions are focused on interacting with Home Assistant and lack any evidence of data exfiltration, malicious execution, persistence, or prompt injection attempts against the agent.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
An agent using this skill with a valid token could turn devices on or off, change automations, adjust climate settings, or arm an alarm if the user asks or if the agent misapplies a command.
The skill documents Home Assistant service calls that can change home security or device state. This is aligned with the smart-home control purpose, but it is high-impact if invoked incorrectly.
hass-cli service call alarm_control_panel.alarm_arm_away --arguments entity_id=alarm_control_panel.home
Use this skill only when you want the agent to control Home Assistant, and require clear confirmation before service calls affecting locks, alarms, climate, appliances, or security automations.
Anyone or any process with access to the token may be able to read Home Assistant state and control devices according to that Home Assistant user's permissions.
The skill requires a Home Assistant access token. That credential is expected for this integration, but it may grant broad control over the user's Home Assistant instance.
Generate a long-lived access token ... export HASS_TOKEN=<your-token>
Create the least-privileged Home Assistant user/token practical for this use, store the token securely, rotate it if exposed, and avoid pasting it into chats or logs.
Home Assistant state or history output could expose private information such as who is home, device usage patterns, or security-related events.
The documented queries can retrieve presence, device state, and history information that may reveal household routines or occupancy.
Check if Anyone is Home ... hass-cli state list person ... hass-cli state get person.jones
Ask the agent to retrieve only the specific entities needed, and avoid sharing broad state/history outputs unless necessary.
If the installed hass-cli package or local environment were compromised, shell completion setup could execute unwanted code at shell startup.
The autocomplete setup evaluates shell code generated by hass-cli. This is a common CLI completion pattern and is disclosed, but it runs generated code when enabled in shell startup files.
eval "$( _HASS_CLI_COMPLETE=bash_source hass-cli)"
Enable autocomplete only after installing hass-cli from a trusted source, and remove the eval line from shell config if you no longer use it.
