minos
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This is mostly a normal Home Assistant bridge, but it needs review because the setup script stores a powerful smart-home token and sources a generated shell config that could run commands if tampered with.
Install only if you trust and understand the setup script. Before sourcing ~/.homeassistant.conf or adding it to ~/.bashrc, inspect the file and confirm it contains nothing but simple HA_URL and HA_TOKEN exports. Protect the Home Assistant token and be ready to revoke it, verify aliases, and require confirmation for sensitive smart-home actions.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If a malicious or malformed Home Assistant URL/config value is used, setup or future shell startup could run local commands as the user.
The script writes user-supplied values into a shell-script-style config file without escaping and then sources it, so shell metacharacters in the URL or token, or a tampered config file, could execute commands outside the Home Assistant setup's purpose.
cat > ~/.homeassistant.conf << EOF
export HA_URL="$HA_URL"
export HA_TOKEN="$HA_TOKEN"
EOF
...
source ~/.homeassistant.conf
Store configuration in a non-executable format or shell-escape values safely before sourcing. Do not source or add ~/.homeassistant.conf to ~/.bashrc until its contents are verified.
Anyone who obtains the token may be able to read sensors or control devices through the user's Home Assistant instance.
The skill requires and stores a long-lived Home Assistant access token. This is expected for the integration, but the token can grant broad control/read access to the user's smart home.
read -s -p "HA_TOKEN: " HA_TOKEN
...
export HA_TOKEN="$HA_TOKEN"
...
chmod 600 ~/.homeassistant.conf
Use a dedicated Home Assistant user/token if possible, keep the config file private, and revoke the token if it is exposed.
A mistaken command or wrong entity/alias could change physical device state in the home.
The skill exposes commands that mutate Home Assistant device state. This is central to the stated purpose, but those actions may affect lights, thermostats, switches, or security-relevant devices.
python3 ha-bridge.py on <entity|alias>
... off <entity|alias>
... toggle <entity|alias>
... climate <entity|alias> --temperature <value>
... scene <scene_entity>
Use explicit user requests for device changes and require confirmation for doors, locks, garage doors, alarms, climate, or other safety/security-sensitive devices.
The agent may control the wrong device if aliases are stale, overly broad, or modified unexpectedly.
Persistent alias mappings are reused to decide which Home Assistant entity a friendly name controls. Incorrect or tampered aliases can redirect a command to a different device.
ALIASES_FILE = Path(__file__).parent / "aliases.json"
...
if lower in aliases:
    return aliases[lower]
Review aliases.json before use, keep mappings specific, and restrict write access to the skill files.
