Intent-Code Divergence
Medium
- Confidence
- 95% confidence
- Finding
- The skill gives conflicting instructions for the security-critical `homeId` source: one section requires dynamically obtaining the user-selected home via `home-management-api`, while later parameter docs say to fixedly use `${HDL_HOME_ID}`. In a multi-home context, this inconsistency can cause the agent to act on the wrong residence, leading to unauthorized device visibility or control across homes tied to the same account.
