Home Assistant Integration

Security checks across malware telemetry and agentic risk

Overview

This Home Assistant skill is coherent, but it gives an agent broad physical smart-home control with overly broad triggers and limited built-in safety scoping.

Review before installing. Use a dedicated least-privilege Home Assistant account or token, avoid granting access to locks, alarms, garage doors, cameras, and notification services unless intentionally needed, and require explicit user confirmation for state-changing or privacy-sensitive commands. Prefer a CA certificate over disabling SSL verification.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Vague Triggers

Medium, 91% confidence
Finding
The skill advertises very broad natural-language trigger phrases for powerful home-control actions without defining confirmation requirements, authorization boundaries, or exclusion rules. In a smart-home context, ambiguous phrases can cause unintended actuation of lights, heating, automations, or other devices, especially when routed through chat/voice channels.

Missing User Warnings

Medium, 88% confidence
Finding
The markdown promotes camera access, notifications, automations, and physical device control but does not warn about privacy exposure or real-world safety consequences. In a home-assistant skill, these capabilities can reveal occupancy patterns, expose camera snapshots, or change environmental controls, so missing warnings materially increases misuse risk.

Vague Triggers

High, 98% confidence
Finding
The trigger list is extremely broad and includes common words like 'light', 'camera', 'door', 'lock', 'play', 'pause', 'alert', and 'HA'. In a natural-language agent, this can cause accidental invocation of a skill that is capable of controlling physical devices, including locks, climate, automations, and notifications, creating unintended smart-home actions.

Missing User Warnings

Medium, 92% confidence
Finding
The skill description emphasizes convenience and breadth of control but does not clearly warn that it can perform safety- and security-relevant actions like lock/door control, automation triggering, and outbound notifications. In this context, understated capability disclosure increases the chance that users enable or invoke the skill without understanding the real-world consequences of mistakes or abuse.

VirusTotal

63/63 vendors flagged this skill as clean.
