hass-config-flow
Facilitates interaction with Home Assistant's REST API on NixOS for managing integrations and automating setups.
Install this skill
or
71/100
Security score
The hass-config-flow skill was audited on Jun 12, 2026 and we found 11 security issues across 2 threat categories, including 1 high-severity. Review the findings below before installing.
Categories Tested
Security Issues
medium line 77
Curl to non-GitHub URL
SourceSKILL.md
| 77 | ssh nuc "curl -s -H 'Authorization: Bearer $TOKEN' http://localhost:8123/api/states" | python3 -c " |
high line 146
Curl to non-GitHub URL
SourceSKILL.md
| 146 | Verify: `curl -s -H "Authorization: Bearer $TOKEN" http://127.0.0.1:8123/api/` |
low line 18
External URL reference
SourceSKILL.md
| 18 | Docs: https://developers.home-assistant.io/docs/api/rest/ |
low line 31
External URL reference
SourceSKILL.md
| 31 | export HASS_SERVER=http://localhost:8123 |
low line 77
External URL reference
SourceSKILL.md
| 77 | ssh nuc "curl -s -H 'Authorization: Bearer $TOKEN' http://localhost:8123/api/states" | python3 -c " |
low line 97
External URL reference
SourceSKILL.md
| 97 | http://localhost:8123/api/services/media_player/turn_off" |
low line 106
External URL reference
SourceSKILL.md
| 106 | http://localhost:8123/api/config/config_entries/flow" |
low line 146
External URL reference
SourceSKILL.md
| 146 | Verify: `curl -s -H "Authorization: Bearer $TOKEN" http://127.0.0.1:8123/api/` |
low line 151
External URL reference
SourceSKILL.md
| 151 | All requests to `http://127.0.0.1:8123` with `Authorization: Bearer $TOKEN`. |
low line 198
External URL reference
SourceSKILL.md
| 198 | - API: `http://127.0.0.1:8123` (localhost only), HTTPS via Tailscale serve |
low line 199
External URL reference
SourceSKILL.md
| 199 | - Public URL: `https://homeassistant.cinnamon-rooster.ts.net/` |
Scanned on Jun 12, 2026
View Security Dashboard