home-assistant-best-practices
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches documentation for integrations and dashboard cards from the official Home Assistant GitHub repository (github.com/home-assistant/home-assistant.io). These downloads are from a well-known service and are used exclusively for providing up-to-date documentation to the agent.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it analyzes and modifies Home Assistant configuration data which may originate from untrusted or external sources.
  - Ingestion points: Home Assistant YAML configuration files, entity registry data, and dashboard JSON retrieved via REST and WebSocket APIs.
  - Boundary markers: No explicit boundary markers or delimiters are instructed for the processed configuration data.
  - Capability inventory: The skill is designed to read and write Home Assistant configuration through its standard APIs. It does not perform arbitrary shell command execution or direct file system access.
  - Sanitization: There are no explicit instructions for sanitizing or validating the content of the configuration data before it is processed by the agent.
Audit Metadata