Haos Ssh Maintenance
ReviewAudited by ClawScan on May 10, 2026.
Overview
No material suspicious behavior is shown; this is a coherent Home Assistant SSH maintenance guide, but it grants high-impact SSH and configuration-editing authority that should be supervised.
Install or use this only if you want the agent to perform SSH-based Home Assistant OS maintenance. Before use, confirm the SSH target, keep backups, review any proposed edits to YAML or .storage files, and be especially careful with automations or settings that affect locks, alarms, access control, or physical devices.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If used incorrectly, the agent could disrupt Home Assistant configuration or behavior.
The skill intentionally directs the agent to use SSH, shell commands, file reads/edits, and the Home Assistant CLI. This is broad authority, but it is disclosed and central to the stated maintenance purpose.
Switch to SSH when: - files under `/config` need reading or editing ... - shell-level troubleshooting is required - `ha` CLI work is needed
Use this only for explicit HAOS maintenance tasks, review planned commands and edits, and prefer API or UI workflows when they are sufficient.
The agent may connect using whatever host and SSH identity are configured locally.
The skill depends on a preconfigured SSH target, implying delegated access to a Home Assistant host. The artifact discloses this, and there is no evidence of credential collection or leakage, but the SSH target and identity are outside the provided artifact.
Use the SSH target stored in `TOOLS.md`.
Verify TOOLS.md points to the intended Home Assistant host and use the least-privileged SSH access suitable for maintenance.
A bad edit could break integrations, rename or alter entities, or require a rollback/restart.
Direct edits to Home Assistant internal storage can persist across restarts and affect integrations, devices, and entity behavior. The skill mitigates this by saying these edits should be last-resort or targeted, backed up, and reported.
Home Assistant internal storage under `/config/.storage/` can be edited when necessary, including files such as ... `core.entity_registry` ... `core.device_registry` ... `core.config_entries`
Back up exact files, review diffs before reload or restart, and keep the rollback path available.
Private Home Assistant state, history, or configuration details could be surfaced in the chat if broad files are inspected or reported verbatim.
The skill may inspect Home Assistant database or configuration content and summarize findings into the agent conversation. This is purpose-aligned, but the user should avoid unnecessary exposure of private household state or sensitive configuration details.
- `/config/home-assistant_v2.db` ... When using this skill, report: - what path was inspected - what was found
Limit reads to the smallest relevant files or snippets and redact secrets or unrelated household history from reports.