UniFi Gateway
Safe-by-default UniFi MCP: Network + Protect + Access, multi-site, dry-run, audit log.
Using UniFi Gateway in Claude, Cursor, Gemini CLI, Cline, or Zed?
MCP tool contracts can change remotely with no version bump. The mcpindex gate pins each contract and HOLDs the call when it drifts—before your agent acts. Zero credentials. This is not the package install for this server itself (use Install this server for that).
Rewrites your MCP host config so each server launches behind the gate. Inspect first: curl -fsSL https://mcpindex.ai/install.sh | less
curl -fsSL https://mcpindex.ai/install.sh | shSemantic screen found no manipulation pattern in the description. Conformance probe not yet run.
mcpindex.integrity.descriptionpassINFOevidence“No malicious instructions found”via static_description
- - Semantic screen only - the deterministic conformance probe has not run on this server
- - Confidence is reported but not yet calibrated (v1)
- - Screen reads the tool description, not the live behavior
- - advisory
- - registry description only no input schema
- - screen model 8b
Semantic screen: an LLM judge reads the tool description for hidden instructions (status PARTIAL). A pass means the description is not lying, not that the tool is safe: a high-capability tool with an honest description still warrants caution. The deterministic conformance probe has not been run on this server yet, so the screen here is semantic-only. Posture: advisory. Confidences are reported but not yet calibrated (calibrated=false at v1). Full verdict history is not shown on this page.
Own this server? Screen its description →
A live verdict badge for your README or listing. It reflects the current screen, links back here, and updates when the verdict does.
[](https://mcpindex.ai/server/io-github-pete-builds-unifi)<a href="https://mcpindex.ai/server/io-github-pete-builds-unifi"><img src="https://mcpindex.ai/api/v1/badge/io-github-pete-builds-unifi" alt="mcpindex verdict" height="20" /></a>STUB_MODEWhen true, the server returns realistic mock data and requires no UniFi hardware. Defaults to true so the image is functional out of the box.
UNIFI_HOSTIP address or hostname of the UniFi OS gateway (UCG-Fiber, UDM Pro, etc). Required when STUB_MODE=false and MCP_UNIFI_CONTROLLERS_FILE is unset.
UNIFI_API_KEYLocal API key generated under Settings -> Control Plane -> Integrations on the gateway. Required when STUB_MODE=false and MCP_UNIFI_CONTROLLERS_FILE is unset.
UNIFI_SITEUniFi controller site name. Defaults to 'default'.
UNIFI_VERIFY_SSLWhether to verify the gateway's TLS certificate. Defaults to false because most home gateways use a self-signed cert.
MCP_UNIFI_CONTROLLERS_FILEPath to a YAML file describing multiple named controllers for multi-site management. When set, the legacy UNIFI_HOST / UNIFI_API_KEY env vars are ignored. Each entry needs name, host, api_key, and optionally port, site, verify_ssl.
MCP_UNIFI_MODULES_ENABLEDComma-separated list of modules to load. Known values: 'network', 'protect', 'access'. Defaults to 'network'. Set to 'network,protect,access' to enable Protect and Access tools alongside Network. Access is read-only in v0.10.
UNIFI_ACCESS_HOSTUniFi Access hub IP or hostname. Required when the access module is enabled and STUB_MODE=false. Often the same host as UNIFI_HOST.
UNIFI_ACCESS_API_KEYUniFi Access API key. Separate from the Network API key; generated on the Access controller's developer settings. Required when the access module is enabled and STUB_MODE=false.
UNIFI_ACCESS_PORTHTTPS port for the Access hub. Defaults to 12445 (the direct Access app port).
MCP_UNIFI_AUDIT_SINKAudit log sink. One of 'file' (default), 'stdout', or 'syslog'. Every tool call is recorded to a JSONL stream with secrets scrubbed.
MCP_UNIFI_AUDIT_PATHPath for the audit log file when MCP_UNIFI_AUDIT_SINK=file. Defaults to audit.jsonl in the process CWD.
120-module QA gate. Give Claude eyes (screenshots), ears (Sentry errors), and hands (verify fixes).
Shared project wiki for AI agents: read and write pages, next actions, and activity logs over MCP.
Runtime authority for AI agents: credential mediation, spend cap, approval gates, audit log.