Is joneschi/homeassistant-cli safe?

https://github.com/openclaw/skills/tree/main/skills/joneschi/homeassistant-cli

100
SAFE

This is a legitimate documentation-only skill that provides guidance for using the official Home Assistant CLI tool. It contains no executable code, no prompt injection attempts, and exhibits no malicious behavior during installation.

Category Scores

Prompt Injection 100/100 · 30%
Data Exfiltration 100/100 · 25%
Code Execution 100/100 · 20%
Clone Behavior 100/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 100/100 · 5%

Findings (1)

INFO Environment Variable Usage 0

Skill instructs users to set HASS_SERVER and HASS_TOKEN environment variables for authentication. While this is standard practice for Home Assistant CLI tools, users should ensure these credentials are properly secured.