Model Context Protocol moderate risk

Home Assistant

Exposes Home Assistant entities and services to MCP clients, enabling control and monitoring of smart home devices via natural language.

Connections & Capabilities

Connects To

GitHub

Capabilities

readwrite

Quickstart

Config

{
    "mcpServers": {
        "Home-assistant": {
            "command": "uv",
            "args": [
                "--directory",
                "/Users/allen/Development/mcp-server-home-assistant",
                "run",
                "mcp-server-home-assistant",
                "-v",
                "-v"
            ],
            "env": {
                "HOME_ASSISTANT_WEB_SOCKET_URL": "http://localhost:8123/api/websocket",
                "HOME_ASSISTANT_API_TOKEN": "byJhbVci0iJIUzI1ii1sInR5cCI6IkpXVCJ9.....
            }
        }
    }
}

Exposed MCP Tools (4)

safe

get_entity_state

Retrieves the current state of a specified entity in Home Assistant.

Read-only operation; no side effects.

moderate

set_entity_state

Changes the state of a specified entity in Home Assistant.

Non-destructive write operation; changes device state but doesn't delete anything.

moderate

call_service

Calls a specific service in Home Assistant.

Can trigger actions in Home Assistant, but typically non-destructive.

safe

list_entities

Lists all available entities in Home Assistant.

Read-only operation; no side effects.

Safety Assessment

This MCP server's safety depends heavily on the underlying Home Assistant instance's security. While it uses tokens for authentication, a compromised token or a vulnerable Home Assistant setup could lead to unauthorized device control. It is relatively safe if Home Assistant is properly secured and access is limited.

Requires a long-lived access token for authentication.
Leverages Home Assistant's existing access control mechanisms.
Relies on Home Assistant's internal security model for device access.
Can be configured to limit the scope of access via Home Assistant permissions.

Improperly secured Home Assistant instance can lead to unauthorized access.
Exposure of the Home Assistant API token can grant full control of the instance.
Potential for unintended device state changes if instructions are misinterpreted.
Vulnerable to command injection if input sanitization is not properly implemented in Home Assistant.
Reliance on Home Assistant's security; vulnerabilities there impact this server.