Node-RED
Pass
Audited by Gen Agent Trust Hub on Jun 3, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is entirely educational and template-based. It provides users with JSON flow templates and JavaScript snippets for Node-RED function nodes. All analyzed files focus on the stated purpose of assisting with Home Assistant automations.
- [EXTERNAL_DOWNLOADS]: The installation guide references official and well-known sources for software installation, such as nodesource.com for Node.js and the npm registry for Node-RED packages. These are standard, trusted repositories for the technology stack described.
- [CREDENTIALS_SAFE]: The skill demonstrates high security awareness regarding credentials. It specifically instructs users to use environment variables (
env.get()) for API keys and tokens instead of hardcoding them. Placeholders in templates are clearly marked (e.g.,CHANGE_ME). - [COMMAND_EXECUTION]: Shell commands found in the documentation (e.g.,
npm install,docker-compose up) are standard administrative commands for the installation and maintenance of a Node-RED environment and do not exhibit malicious patterns. - [NO_OBFUSCATION]: The skill contains no obfuscated code, Base64-encoded instructions, or hidden characters. All logic and documentation are provided in clear, human-readable text.
Audit Metadata