ESPHome
Pass
Audited by Gen Agent Trust Hub on May 31, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill configuration and templates reference numerous third-party GitHub repositories for ESPHome external components. These components provide drivers for various hardware modules (e.g., Victron MPPT controllers, JK-BMS, Apple HomeKit integration). These are standard ESPHome dependencies and are referenced to enable specific hardware functionality on the target microcontroller.
- [COMMAND_EXECUTION]: The skill provides instructions for the user to execute shell commands using the ESPHome CLI (e.g.,
esphome run) and Claude Code plugin management commands. It also defines a "Delivery Contract" where the AI is instructed to write project artifacts (YAML, README, secrets templates) directly to the local disk in a structured project folder. - [SAFE]: The skill implements safety-oriented "Iron Laws," notably requiring explicit hardware board confirmation from the user to prevent the generation of incompatible or unsafe electrical configurations. It also explicitly prohibits hardcoding credentials, instructing the use of ESPHome's
!secretsystem.
Audit Metadata