Home Assistant Agent (Secure)
Audited by ClawScan on May 10, 2026.
Overview
This instruction-only skill is transparent about using a restricted Home Assistant token to send smart-home commands through Home Assistant Assist, with no hidden code found.
Install only if you are comfortable giving OpenClaw controlled access to Home Assistant. Create a dedicated non-admin Home Assistant user, limit its device/entity access, store the token carefully, disable trusted-network login bypass if enabled, and remove curl's -k option when your Home Assistant certificate is trusted.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the token is over-privileged or leaked, someone could access or control more of Home Assistant than this skill intends.
The skill requires a Home Assistant long-lived token, and the artifacts clearly disclose that the token itself is broader than the intended Assist endpoint.
The Long-Lived Access Token is not technically scoped to the Conversation API — it grants access to all HA API endpoints available to that user.
Use a dedicated non-admin Home Assistant user with the smallest possible area/entity access, rotate the token if exposed, and avoid storing it where other tools or users can read it.
The skill can control smart-home devices through Home Assistant, and because -k disables TLS certificate verification, using it on an untrusted network could make the bearer token easier to intercept.
The skill uses curl to send authenticated commands to Home Assistant; this is central to the purpose, but the -k option disables certificate verification.
curl -sk -X POST "$HOME_ASSISTANT_URL/api/conversation/process" ... -H "Authorization: Bearer $HOME_ASSISTANT_TOKEN"
Remove -k when using a trusted certificate, keep Home Assistant on a trusted network, and review commands before allowing high-impact device actions.
