unifi-access
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: Potential for indirect prompt injection from untrusted data sources.
- Ingestion points: Data is retrieved from the UniFi Access controller via tools like
access_list_events,access_recent_events,access_list_users, andaccess_list_visitors(found inreferences/access-tools.md). - Boundary markers: Absent; there are no instructions provided to the agent to treat external controller data as potentially untrusted or to ignore instructions embedded within retrieved fields.
- Capability inventory: The skill can perform high-impact physical actions such as door locking/unlocking, security credential creation/revocation, and visitor pass management.
- Sanitization: Absent; the skill does not specify validation or filtering of the content returned by the controller before it is processed by the agent.
- [COMMAND_EXECUTION]: Use of dynamic execution for tool selection.
- The
access_executetool enables the agent to invoke any tool by its name as a string. While part of the meta-tool discovery and lazy-loading architecture of the server, this provides a mechanism for dynamic operation selection based on input strings.
Audit Metadata