Home Assistant Agent (Secure)

v1.1.0

Control Home Assistant smart home devices securely using the Assist (Conversation) API. Passes natural language to Home Assistant's built-in NLU for safe, to...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Benign (high confidence)
Purpose & Capability
Name/description match the requested resources: curl plus HOME_ASSISTANT_URL and HOME_ASSISTANT_TOKEN are exactly what is needed to POST to /api/conversation/process. There are no unrelated binaries, extra cloud credentials, or unexpected config paths.
Instruction Scope
Instructions are narrowly scoped to calling /api/conversation/process and explicitly forbid other HA endpoints and echoing the token. One minor operational note: SKILL.md suggests using curl -k to allow self-signed certificates (insecure TLS) — acceptable for local/self-signed setups but a security tradeoff the user should understand.
Install Mechanism
No install spec or remote downloads; this is an instruction-only skill that relies on an existing curl binary. That keeps the disk/write/execute risk minimal.
Credentials
Only HOME_ASSISTANT_URL and HOME_ASSISTANT_TOKEN are required, which is proportionate. However, long-lived HA tokens are not limited to the Conversation API by design — the SKILL.md correctly calls this out and advises using a restricted, non-admin user. The token remains powerful if misused, so the guidance to restrict the user and to avoid trusted_networks bypass is important.
Persistence & Privilege
The skill does not request always:true and is user-invocable. It does not modify other skills or system-wide settings and does not request persistent installation privileges.
Assessment
This skill appears coherent and appropriately scoped, but before installing: (1) create a dedicated non-admin Home Assistant user and grant it only the areas/entities the skill needs; (2) avoid storing the token in world-readable files and rotate it periodically; (3) do not enable trusted_networks allow_bypass_login (or set allow_bypass_login: false); (4) avoid using curl -k on internet-facing HA instances — prefer a valid TLS certificate; and (5) consider auditing agent logs/outputs after first use to confirm the token is never echoed and the skill only calls /api/conversation/process as intended.


Tags: home-assistant, latest, restricted, safe, secure, smart-home

Runtime requirements

🏠 Clawdis
Bins: curl
Env: HOME_ASSISTANT_URL, HOME_ASSISTANT_TOKEN
Primary env: HOME_ASSISTANT_TOKEN
