HA Integration Dev

Pass

Audited by Gen Agent Trust Hub on May 15, 2026

Risk Level: SAFE
Findings: PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The LLM Conversation Agent template in templates/conversation-agent/conversation_agent.py exposes an indirect prompt injection surface.
  • Ingestion points: The agent ingests external user input (user_input.text) and Home Assistant entity states (via self.hass.states.async_all()) into a dynamically constructed system prompt.
  • Boundary markers: The prompt template uses section headers such as AVAILABLE DEVICES and RULES, but lacks randomized or unique delimiters to isolate untrusted data from instructions.
  • Capability inventory: The integration can execute arbitrary Home Assistant service calls via self.hass.services.async_call based on the LLM output.
  • Sanitization: The agent uses regex patterns and standard JSON deserialization to extract intended actions, providing a layer of validation between LLM responses and system execution.
  • [EXTERNAL_DOWNLOADS]: Documentation in templates/conversation-agent/README.md provides an installation command for the Ollama service using a shell script fetched from https://ollama.com/install.sh. This reference points to a well-known service for running large language models locally.
Audit Metadata
Risk Level: SAFE
Analyzed: May 15, 2026, 06:44 PM
Security Audit — agent-trust-hub — HA Integration Dev