Scan Report
5 /100
home-assistant
Walks through connecting Home Assistant to an OpenClaw claw or any MCP-compatible client
Documentation-only skill that guides users through Home Assistant MCP integration setup with no executable code, scripts, or undeclared behavior.
Safe to install
This skill is safe to use. No security concerns identified.
| Resource | Declared | Inferred | Status | Evidence |
|---|---|---|---|---|
| Filesystem | NONE | NONE | — | No file operations performed |
| Network | NONE | NONE | — | No network requests made; URLs are documentation examples for user action |
| Shell | NONE | NONE | — | No shell commands executed |
| Environment | NONE | NONE | — | No environment access |
| Skill Invoke | NONE | NONE | — | No skill invocation |
| Clipboard | NONE | NONE | — | No clipboard access |
| Browser | NONE | NONE | — | No browser automation |
| Database | NONE | NONE | — | No database access |
5 findings
Medium External URL 外部 URL
https://selorahomes.com/docs/selora-ai/installation/ SKILL.md:31 Medium External URL 外部 URL
http://homeassistant.local:8123/api/ SKILL.md:36 Medium External URL 外部 URL
http://homeassistant.local:8123/api/selora_ai/mcp SKILL.md:42 Medium External URL 外部 URL
https://selorahomes.com/docs/selorabox/ SKILL.md:68 Medium External URL 外部 URL
https://ha.example.com/api/selora_ai/mcp SKILL.md:72 File Tree
1 files · 7.3 KB · 178 lines Markdown 1f · 178L
└─
SKILL.md
Markdown
Security Positives
✓ Documentation-only skill with no executable code
✓ Provides security guidance on token handling and storage best practices
✓ Warns against committing credentials to version control
✓ Recommends secrets managers for credential storage
✓ Clearly explains the purpose and scope of the skill
✓ No hidden functionality or obfuscated code
✓ No dependencies or external package dependencies