unifi-api

SUSPICIOUS. The skill’s capabilities mostly match UniFi administration, and data flows target the local router rather than an external gateway. However, it forwards a sensitive API key through third-party/local wrapper tooling and systematically disables TLS verification, creating meaningful credential interception and network-control risk. Not confirmed malware, but high enough risk to treat as a sensitive administrative skill requiring strong user oversight.