homeassistant-mcp-server

The skill is mostly aligned with its stated Home Assistant control purpose and does not show obvious credential theft or third-party proxying. Main concerns are the broad real-world action surface, plaintext long-lived token handling, and a publisher/provenance mismatch between ara.so and the referenced robbrad package/repo. Overall this is better classified as suspicious/high-impact rather than malicious.