EZ Unifi

The skill is classified as suspicious due to two main risky capabilities. First, the `scripts/unifi.py` script disables SSL certificate verification (`ssl_context=False`) when connecting to the UniFi controller, which makes the connection vulnerable to Man-in-the-Middle attacks. Second, the script exposes a 'raw API access' command (`unifi.py raw`) allowing arbitrary HTTP methods and paths to be sent to the controller, which grants very broad permissions and significantly increases the attack surface if the agent were to be compromised by a prompt injection, enabling actions beyond the explicitly defined commands.