I’d really like to use the standard Nuki integration, but I have some security concerns: In the unlikely case that home assistant cloud will have a security issue, homeassistant knows my home location + can open my door. Therefore, I’d like to be able to only expose the lock sensor to home assistant, without the corresponding services. Not sure if this is even possible or actually needs a dedicated read-only Nuki integration?
This should not come from the HA integration, because it means HA could still open the door if it wanted to, it just choses not to. That is not secure.
Nuki should build support to limit smart home integration to read only, unlock only, full support using pin, full support without pin. That way, hijacking the smart home link will not allow more than you want it to.