UniFi Network — 技能工具

Name: UniFi Network — 技能工具
Author: ricanwarfare

ricanwarfare

UniFi Network — 技能工具

v1.1.0

Query and monitor UniFi network via local gateway API (Cloud Gateway Ultra / UniFi OS). Use when the user asks to "check UniFi", "list UniFi devices", "show...

0· 71·0 当前·0 累计

by @ricanwarfare·MIT-0

生产力工具

下载技能包

License

MIT-0

最后更新

2026/4/8

安全扫描

VirusTotal

可疑

查看报告

OpenClaw

安全

high confidence

The skill is internally consistent with its stated purpose (local, read-only UniFi monitoring) but contains a few privacy/usability concerns you should be aware of before installing.

评估建议

This skill appears to do what it says: query a local UniFi gateway using a local admin account. Before installing or running it: (1) create a local read-only UniFi account as recommended (avoid using your cloud/primary admin), (2) be aware the scripts store your credentials in plaintext at ~/.openclaw/credentials/unifi.json — protect that file (restrict permissions) or use an OS-level secret store if possible, (3) the scripts disable TLS verification (curl -k) because many UniFi gateways use sel...

详细分析 ▾

✓ 用途与能力

Name/description match the code and runtime instructions. Required binaries (curl, jq) are appropriate for calling the UniFi local API and formatting JSON. The scripts expect a local UniFi gateway and a local credential file (~/.openclaw/credentials/unifi.json), which is reasonable for this purpose.

⚠ 指令范围

Most runtime instructions stay within monitoring scope (login + GET to site/stat and rest endpoints). However: the scripts create a dashboard_debug_dump.json file (unconditionally) containing collected API responses (potentially sensitive network/config data) and write/read a plaintext credential file in the user's home directory. The code also uses curl -k/-s (skipping TLS verification) which is practical for self-signed UniFi certs but weakens transport security. SKILL.md claims 'GET-only' operations, but the helper performs a POST to /api/auth/login to authenticate (this is expected but is a small mismatch with the 'GET-only' wording).

✓ 安装机制

This is an instruction/script-only skill with no install spec. Nothing is downloaded from external URLs or written to system locations by an installer—scripts are included in the bundle. Risk from install mechanism is low.

ℹ 凭证需求

No cloud API keys or unrelated credentials are requested. The skill requires a local credential file with username/password (stored in plaintext) and uses $HOME and temporary cookie files. Requesting local UniFi credentials is proportionate, but plaintext storage and creation of debug dump files merits caution.

✓ 持久化与权限

Skill is not always-enabled, does not request system-wide privileges, and does not modify other skills or global agent configuration. It exports helper functions and environment variables within the script scope, which is normal for these scripts.

安全有层次，运行前请审查代码。

License

MIT-0

可自由使用、修改和再分发，无需署名。

查看条款 ↗

运行时依赖

无特殊依赖

版本

latestv1.1.02026/4/6

Synced from openclaw-skills repo

● 可疑

安装命令点击复制

官方npx clawhub@latest install unifi-network

镜像加速npx clawhub@latest install unifi-network --registry https://cn.clawhub-mirror.com

技能文档

Monitor and query your UniFi network via the local UniFi OS gateway API (tested on Cloud Gateway Ultra).

Purpose

This skill provides read-only access to your UniFi network's operational data:

Devices (APs, switches, gateway) status and health
Active clients (who's connected where)
Network health overview
Traffic insights (top applications via DPI)
Recent alarms and events

All operations are GET-only and safe for monitoring/reporting.

Setup

Create the credentials file: ~/.openclaw/credentials/unifi.json

{
  "host": "your-gateway-ip",
  "username": "your_username",
  "password": "your_password",
  "note": "Local Read-Only account on UniFi OS"
}

Note: The URL must use HTTPS and point to your UniFi gateway. The site is usually default for home setups.

host: Your UniFi OS gateway IP/hostname (without https://)
username: Local UniFi OS admin username
password: Local UniFi OS admin password
site: Site name (usually default)

Commands

All commands support optional json argument for raw JSON output (default is human-readable table).

Network Dashboard

Comprehensive view of all network stats (Health, Devices, Clients, Networks, DPI, etc.):

bash scripts/dashboard.sh
bash scripts/dashboard.sh json  # Raw JSON for all sections

Output: Full ASCII dashboard with all metrics.

List Devices

Shows all UniFi devices (APs, switches, gateway):

bash scripts/devices.sh
bash scripts/devices.sh json  # Raw JSON

Output: Device name, model, IP, state, uptime, connected clients

List Active Clients

Shows who's currently connected:

bash scripts/clients.sh
bash scripts/clients.sh json  # Raw JSON

Output: Hostname, IP, MAC, AP, signal strength, RX/TX rates

Health Summary

Site-wide health status:

bash scripts/health.sh
bash scripts/health.sh json  # Raw JSON

Output: Subsystem status (WAN, LAN, WLAN), counts (up/adopted/disconnected)

Top Applications (DPI)

Top bandwidth consumers by application:

bash scripts/top-apps.sh
bash scripts/top-apps.sh 15  # Show top 15 (default: 10)

Output: App name, category, RX/TX/total traffic in GB

Recent Alerts

Recent alarms and events:

bash scripts/alerts.sh
bash scripts/alerts.sh 50  # Show last 50 (default: 20)

Output: Timestamp, alarm key, message, affected device

Workflow

When the user asks about UniFi:

"What's on my network?" → Run bash scripts/devices.sh + bash scripts/clients.sh
"Is everything healthy?" → Run bash scripts/health.sh
"Any problems?" → Run bash scripts/alerts.sh
"What's using bandwidth?" → Run bash scripts/top-apps.sh
"Show me a dashboard" or general checkup → Run bash scripts/dashboard.sh

Always confirm the output looks reasonable before presenting it to the user (check for auth failures, empty data, etc.).

Notes

Requires network access to your UniFi gateway
Uses UniFi OS login + /proxy/network API path
All calls are read-only GET requests
Tested endpoints are documented in references/unifi-readonly-endpoints.md

Reference

Tested Endpoints — Full catalog of verified read-only API calls

Monitor and query your UniFi network via the local UniFi OS gateway API (tested on Cloud Gateway Ultra).

Purpose

This skill provides read-only access to your UniFi network's operational data:

Devices (APs, switches, gateway) status and health
Active clients (who's connected where)
Network health overview
Traffic insights (top applications via DPI)
Recent alarms and events

All operations are GET-only and safe for monitoring/reporting.

Setup

Create the credentials file: ~/.openclaw/credentials/unifi.json

{
  "host": "your-gateway-ip",
  "username": "your_username",
  "password": "your_password",
  "note": "Local Read-Only account on UniFi OS"
}

Note: The URL must use HTTPS and point to your UniFi gateway. The site is usually default for home setups.

host: Your UniFi OS gateway IP/hostname (without https://)
username: Local UniFi OS admin username
password: Local UniFi OS admin password
site: Site name (usually default)

Commands

All commands support optional json argument for raw JSON output (default is human-readable table).

Network Dashboard

Comprehensive view of all network stats (Health, Devices, Clients, Networks, DPI, etc.):

bash scripts/dashboard.sh
bash scripts/dashboard.sh json  # Raw JSON for all sections

Output: Full ASCII dashboard with all metrics.

List Devices

Shows all UniFi devices (APs, switches, gateway):

bash scripts/devices.sh
bash scripts/devices.sh json  # Raw JSON

Output: Device name, model, IP, state, uptime, connected clients

List Active Clients

Shows who's currently connected:

bash scripts/clients.sh
bash scripts/clients.sh json  # Raw JSON

Output: Hostname, IP, MAC, AP, signal strength, RX/TX rates

Health Summary

Site-wide health status:

bash scripts/health.sh
bash scripts/health.sh json  # Raw JSON

Output: Subsystem status (WAN, LAN, WLAN), counts (up/adopted/disconnected)

Top Applications (DPI)

Top bandwidth consumers by application:

bash scripts/top-apps.sh
bash scripts/top-apps.sh 15  # Show top 15 (default: 10)

Output: App name, category, RX/TX/total traffic in GB

Recent Alerts

Recent alarms and events:

bash scripts/alerts.sh
bash scripts/alerts.sh 50  # Show last 50 (default: 20)

Output: Timestamp, alarm key, message, affected device

Workflow

When the user asks about UniFi:

"What's on my network?" → Run bash scripts/devices.sh + bash scripts/clients.sh
"Is everything healthy?" → Run bash scripts/health.sh
"Any problems?" → Run bash scripts/alerts.sh
"What's using bandwidth?" → Run bash scripts/top-apps.sh
"Show me a dashboard" or general checkup → Run bash scripts/dashboard.sh

Always confirm the output looks reasonable before presenting it to the user (check for auth failures, empty data, etc.).

Notes

Requires network access to your UniFi gateway
Uses UniFi OS login + /proxy/network API path
All calls are read-only GET requests
Tested endpoints are documented in references/unifi-readonly-endpoints.md

Reference

Tested Endpoints — Full catalog of verified read-only API calls

数据来源：ClawHub ↗ · 中文优化：龙虾技能库

OpenClaw 技能定制 / 插件定制 / 私有工作流定制

免费技能或插件可能存在安全风险，如需更匹配、更安全的方案，建议联系付费定制

了解定制服务

License

运行时依赖

版本

安装命令 点击复制

技能文档

Purpose

Setup

Commands

Network Dashboard

List Devices

List Active Clients

Health Summary

Top Applications (DPI)

Recent Alerts

Workflow

Notes

Reference

Purpose

Setup

Commands

Network Dashboard

List Devices

List Active Clients

Health Summary

Top Applications (DPI)

Recent Alerts

Workflow

Notes

Reference

安装命令点击复制