unifi-network
Pass
Audited by Gen Agent Trust Hub on May 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted data from the UniFi network environment, creating a potential surface for indirect prompt injection.
- Ingestion points: Data is retrieved through tools such as
unifi_list_clientsandunifi_list_events(inreferences/network-tools.md), which provide user-controlled strings like client hostnames and event descriptions to the agent. - Boundary markers: There are no specified delimiters or instructions to the agent to treat data from the controller as untrusted or to ignore embedded commands.
- Capability inventory: The skill allows for high-impact network changes, such as modifying firewall rules, port forwarding, and rebooting devices (as seen in
references/network-tools.md). - Sanitization: No sanitization or validation of the data pulled from the network is performed before it is presented to the agent.
Audit Metadata