Skills
skills/sirkirby/unifi-mcp/firewall-auditor/Gen Agent Trust Hub

firewall-auditor

Pass

Audited by Gen Agent Trust Hub on May 10, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a bundled Python script (scripts/unifi-firewall-score) to calculate security scores from findings. It also uses python3 one-liners via shell execution to manage a local JSON history file and compute performance trends. These operations are local to the environment and integral to the skill's auditing function.\n- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by ingesting and processing untrusted metadata, such as firewall rule names and descriptions, from the UniFi controller.\n
  • Ingestion points: Data is ingested from the UniFi controller using the unifi_list_firewall_policies, unifi_list_networks, unifi_list_firewall_groups, and unifi_list_devices tools.\n
  • Boundary markers: No specific delimiters or instruction-isolation markers are used when processing the ingested strings.\n
  • Capability inventory: The agent can execute a local scoring script and modify a local history file using shell commands.\n
  • Sanitization: No explicit sanitization or validation of the content of rule names or descriptions is performed before they are used in benchmark evaluation or report generation.
Audit Metadata
Risk Level
SAFE
Analyzed
May 10, 2026, 02:25 AM
Security Audit — agent-trust-hub — firewall-auditor