OpenClaw + ClawBridge + Home Assistant OS (HAOS) Supervisor Control vs Guard-Rail API — Nabu Casa mı VPN mi?

Supervisor Control vs Guard-Rail API — Nabu Casa mı VPN mi?

Why this topic matters

Home Assistant üzerinde AI agent entegrasyonu yapmak isteyenler için kritik bir soru var:

ClawBridge + OpenClaw ile HAOS üzerinde tam kontrol (add-on yönetimi, backup, snapshot) mümkün mü?
Yoksa yalnızca entity/service seviyesinde “guard-railed” kontrol mü sağlanabiliyor?

Bu başlık:

• HAOS
• ClawBridge add-on
• OpenClaw gateway
• Nabu Casa remote access
• VPN (Tailscale / ZeroTier)
• Supervisor API
• Programmatic automation control

konularını birlikte değerlendiren teknik bir analiz içeriyor.

Who would be interested?

• Home Assistant power users
• Add-on developers
• AI / Agent entegrasyonu yapanlar
• Supervisor API erişimi araştıranlar
• Remote automation orchestration kurmak isteyenler

What I verified

After reviewing:

• ClawBridge source code
• Add-on manifest permissions
• Home Assistant Supervisor API documentation
• Nabu Casa remote access documentation
• OpenClaw gateway documentation

I reached this technical conclusion:

ClawBridge provides:

• HA Core REST proxy
• WebSocket event subscription
• Entity-scoped access control (off/read/confirm/control)
• API key + allowlist + rate limiting
• Confirm (202 + action_id) human approval flow
• Audit logging

ClawBridge does NOT provide (based on evidence):

• Supervisor-level add-on management
• Backup / snapshot automation
• Remote Supervisor token model
• Documented remote Supervisor admin flow

Architecture options evaluated

A) Cloud Agent → Nabu Casa → HAOS

Good for:

• UI access
• Ingress add-ons

Unclear:

• Programmatic access to ClawBridge :8100 API
• Supervisor automation

B) Cloud Agent → VPN → ClawBridge :8100

Good for:

• Programmatic control
• Guard-railed entity/service automation
• Confirm approval flows
• Audit tracking

Still not providing:

• Supervisor-level full control

My key question to the community

Is there a supported and secure way to allow a remote agent to manage:

• Add-ons
• Supervisor backups
• Snapshot/restore

on HAOS?

Or is Supervisor-level remote automation intentionally unsupported?

What kind of responses I’m looking for

• Confirmation if my interpretation of Supervisor API limitations is correct
• Best-practice security hardening checklist for ClawBridge
• Clarification whether Nabu Casa can expose non-ingress add-on ports safely
• Any supported pattern for remote Supervisor orchestration

Please fix language in your post. It’s currently only half as it swapped at least once. The forum is English speaking. Thank you.

You WANT the AI to be in control of all that?
At the current state of AI?
That may be something AI experts are able to start attempting, but a a normal Homeowner would have a very hard time with this and loose control pretty quickly I would fear.
And when (not if) something breaks, than what? Move out of your house because it’s broken?

Case in point, add-ons are no longer a thing. HA has a pretty good update every month and LLM training periods are couple of months apart at best, so they won’t know what an HA App is for quite a while. You still don’t either, apparently.

It’s taken me 18 months and I had to build a safety benchmark spec before I could even start to attempt it and basically am tiptoeing in slowly to see where breakage and destruction os possible. So… Yeah.

The second part is… Once you hook an LLM up… Under current circumstances you can’t security gate it. It’s ON or OFF. What’s necessary is a security surface that defines what an agent is allowed to interact with. That currently simply does not exist inside HA (including HA MCP) and if you let your agent have access to the filesystem ALL bets are off. (I’m working on that part rn)

So. Basically we let a toddler with a blowtorch loose in the server room. We’re going to need some rubber padding, flame retardant blankets and a fire extinguisher ready before I ever put them in there.