firewall-manager
Pass
Audited by Gen Agent Trust Hub on May 10, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements a robust 'Snapshot before mutation' and 'Verify after mutation' workflow using local JSON snapshots and
difffor auditing changes. - [SAFE]: Instructions explicitly mandate human-in-the-loop verification, requiring the agent to show a preview and wait for user confirmation before executing any state-changing tool call.
- [SAFE]: The skill uses local reference files (
firewall-schema.md,policy-templates.yaml) for authoritative configuration instead of relying on external downloads or unverified sources. - [SAFE]: Network operations are restricted to the local
unifi-networkMCP server and standard platform tools (mkdir,date,printf,python3,diff). - [SAFE]: The provided Python script for structural comparison is a transparent data processing block that does not perform network operations or access sensitive system paths.
Audit Metadata