advanced-homeassistant-mcp
Verified Safeby jango-blockchained
Overview
A powerful, secure, and extensible Model Context Protocol (MCP) server that enables AI assistants like Claude, GPT, and Cursor to seamlessly interact with Home Assistant. Control your lights, climate, automations, and more through natural language commands.
Installation
npx @jango-blockchained/homeassistant-mcp@latestEnvironment Variables
- HASS_TOKEN
- JWT_SECRET
- HASS_HOST
- HASS_SOCKET_URL
- ANTHROPIC_API_KEY
Security Notes
The server implements comprehensive security measures including rate limiting, input sanitization (using `sanitize-html` and custom logic), JWT authentication, and security headers (using `helmet`). Critical secrets like `HASS_TOKEN`, `ANTHROPIC_API_KEY`, and `JWT_SECRET` are correctly managed via environment variables. CORS is broadly enabled (`Access-Control-Allow-Origin: *`) in some HTTP contexts, which is often necessary for client-facing APIs like MCP, but should be noted. No direct `eval` calls, code obfuscation, or obvious malicious patterns were found; JSON parsing is used for standard JSON-RPC/WebSocket communication.
Similar Servers
ha-mcp
Provides AI agents with complete control over Home Assistant via REST and WebSocket APIs, offering a comprehensive suite of tools for smart home management, automation, and debugging.
openhab-mcp
This project provides an MCP (Model Context Protocol) server to enable AI assistants like Claude and Cline to interact with and manage a real openHAB smart home system via its REST API.
mqtt-mcp
Connects LLM agents to MQTT devices for real-time monitoring and control in smart home, building automation, and industrial control systems.
openapi-mcp-server
Converts OpenAPI specifications into Model Context Protocol (MCP) tools, enabling AI assistants to interact with APIs.