Unifi
PassAudited by ClawScan on May 10, 2026.
Overview
The skill matches its UniFi management purpose, but it requires UniFi API keys and can make real network configuration changes.
Install this only if you want the agent to monitor and configure your UniFi environment. Protect the API keys, configure the local gateway certificate fingerprint if using local access, and manually approve commands that change DNS, WLAN, radio, or client settings.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
An incorrect or overly broad command could disrupt Wi-Fi, DNS, or access point behavior for users on the network.
The skill can change WLAN, DNS, and radio settings through automatically routed UniFi API calls. This is expected for a network-management skill, but mistakes could affect connectivity.
Routing is automatic: local gateway when reachable, cloud connector when remote. Use `--local` to force local-only. ... `set-wlan` ... `set-network-dns` ... `set-radio`
Use explicit site/device arguments where available, verify the target network before configuration changes, and require human review for set-* commands.
Anyone or any agent with these keys may be able to view network details or change network settings within the key's permissions.
The skill requires delegated UniFi credentials for cloud and optional local gateway access. This is necessary for the integration, but those keys may allow sensitive monitoring and configuration actions.
You need one or both API keys: ... Site Manager API key ... Local gateway API key ... Alternatively, use environment variables: `UNIFI_API_KEY`, `UNIFI_GATEWAY_IP`, `UNIFI_LOCAL_API_KEY`.
Use the least-privileged/revocable UniFi API keys available, rotate them if exposed, and prefer protected environment variables or a tightly permissioned config file.
Installing dependencies globally or without version control can introduce avoidable supply-chain or environment drift risk.
The setup relies on a manually installed, unpinned PyPI dependency. This is a normal Python setup pattern, but it leaves dependency version/provenance management to the user.
- Python 3.12+ - `requests` library (`pip install requests`)
Install in a virtual environment and consider pinning or auditing the requests package version.