unifi

This is a read-only monitoring utility for UniFi gateways. It uses local admin credentials stored in a .env file and makes API calls to gather status data. The main security considerations are: (1) SSL verification is disabled in requests (-k), which can expose data to interception in less trusted networks; (2) credentials are stored in plaintext in a .env file, so access control is important; (3) ensure correct site naming to avoid data leakage or errors. Overall, it is not malicious by design, but the SSL bypass and credential handling require careful deployment controls.

The UniFi skill appears to be a coherent, read-only monitoring tool that queries a local UniFi gateway API and presents status metrics. Its data flows are self-contained within the local network, and the GET-only constraint aligns with its monitoring purpose. However, there is a non-trivial credential exposure risk stemming from storing gateway credentials in a local .env file. The absence of explicit remote data exfiltration and the read-only nature mitigates risk, but credential handling should be tightened (e.g., using scoped tokens, ephemeral credentials, or a secure vault) to reduce potential compromise. Overall, the footprint is proportionate to its stated purpose, with moderate securityRisk due to credential storage, and low malware risk.