Skills ez-unifi

Name: ez-unifi
Author: openclaw

Use when asked to manage UniFi network - list/restart/upgrade devices, block/unblock clients, manage WiFi networks, control PoE ports, manage traffic rules, create guest vouchers, or any UniFi controller task. Works with UDM Pro/SE, Dream Machine, Cloud Key Gen2+, or self-hosted controllers.

install

source · Clone the upstream repo

git clone https://github.com/openclaw/skills

Claude Code · Install into ~/.claude/skills/

T=$(mktemp -d) && git clone --depth=1 https://github.com/openclaw/skills "$T" && mkdir -p ~/.claude/skills && cp -r "$T/skills/araa47/ez-unifi" ~/.claude/skills/openclaw-skills-ez-unifi && rm -rf "$T"

OpenClaw · Install into ~/.openclaw/skills/

T=$(mktemp -d) && git clone --depth=1 https://github.com/openclaw/skills "$T" && mkdir -p ~/.openclaw/skills && cp -r "$T/skills/araa47/ez-unifi" ~/.openclaw/skills/openclaw-skills-ez-unifi && rm -rf "$T"

manifest: skills/araa47/ez-unifi/SKILL.md

ez-unifi

Agent-friendly UniFi Network tools powered by the

aiounifi

library. Supports UDM Pro/SE, Dream Machine, Cloud Key Gen2+, and self-hosted controllers.

Run all commands with:

uv run scripts/unifi.py <command> [args]

Setup

Step 1: Ask user to create a dedicated local admin account

To manage your UniFi network, I need API access. Please create a dedicated local admin account:
Open your UniFi controller (e.g., https://192.168.1.1)

Go to Settings → System → Admins & Users

Click Add Admin
Enter a username (e.g.,
agent-api
)
Enter an email and password

Important: Disable "Remote Access" - local-only avoids MFA issues

Set Role to Super Admin or Site Admin

Click Add
Then provide:
Controller IP (e.g.,
192.168.1.1
)
Username

Password

Is it a UDM Pro/SE/Dream Machine? (yes/no)

Step 2: Save credentials to

.env

UNIFI_HOST=https://192.168.1.1
UNIFI_USERNAME=agent-api
UNIFI_PASSWORD=the_password
UNIFI_SITE=default
UNIFI_IS_UDM=true

Set

UNIFI_IS_UDM=false

for Cloud Key Gen1 or self-hosted controllers.

System & Sites

unifi.py sites                     # List all sites
unifi.py sysinfo                   # System information
unifi.py health                    # Site health status (WAN, WLAN, LAN)

Devices (APs, Switches, Gateways)

unifi.py devices                   # List all devices
unifi.py device MAC                # Device details
unifi.py restart MAC               # Restart device
unifi.py restart MAC --hard        # Hard restart (cycles PoE on switches)
unifi.py upgrade MAC               # Upgrade device firmware
unifi.py locate MAC                # Blink LED to locate
unifi.py unlocate MAC              # Stop LED blinking
unifi.py led MAC on|off|default    # Set LED status
unifi.py led MAC on --color=#FF0000 --brightness=50  # With color/brightness

Switch Ports

unifi.py ports                     # List all switch ports
unifi.py port MAC PORT_IDX         # Port details
unifi.py port-enable MAC PORT_IDX  # Enable switch port
unifi.py port-disable MAC PORT_IDX # Disable switch port
unifi.py poe MAC PORT_IDX MODE     # Set PoE mode (auto|off|passthrough|24v)
unifi.py power-cycle MAC PORT_IDX  # Power cycle a PoE port

Smart Power (PDU/Outlets)

unifi.py outlets                   # List all outlets
unifi.py outlet MAC IDX on|off     # Control outlet relay
unifi.py outlet-cycle MAC IDX on|off  # Enable/disable auto-cycle on internet down

Clients

unifi.py clients                   # List active clients
unifi.py clients-all               # List all clients (including offline/known)
unifi.py client MAC                # Client details
unifi.py block MAC                 # Block client from network
unifi.py unblock MAC               # Unblock client
unifi.py reconnect MAC             # Kick/reconnect client
unifi.py forget MAC [MAC2...]      # Forget client(s) permanently

WiFi Networks

unifi.py wlans                     # List wireless networks
unifi.py wlan ID                   # WLAN details
unifi.py wlan-enable ID            # Enable WLAN
unifi.py wlan-disable ID           # Disable WLAN
unifi.py wlan-password ID NEWPASS  # Change WLAN password
unifi.py wlan-qr ID                # Generate WiFi QR code (PNG file)
unifi.py wlan-qr ID -o myqr.png    # Custom output filename

Port Forwarding

unifi.py port-forwards             # List port forwarding rules
unifi.py port-forward ID           # Port forward details

Traffic Rules

unifi.py traffic-rules             # List traffic rules
unifi.py traffic-rule ID           # Traffic rule details
unifi.py traffic-rule-enable ID    # Enable traffic rule
unifi.py traffic-rule-disable ID   # Disable traffic rule
unifi.py traffic-rule-toggle ID on|off  # Toggle traffic rule state

Traffic Routes

unifi.py traffic-routes            # List traffic routes
unifi.py traffic-route ID          # Traffic route details
unifi.py traffic-route-enable ID   # Enable traffic route
unifi.py traffic-route-disable ID  # Disable traffic route

Firewall

unifi.py firewall-policies         # List firewall policies
unifi.py firewall-policy ID        # Firewall policy details
unifi.py firewall-zones            # List firewall zones
unifi.py firewall-zone ID          # Firewall zone details

DPI (Deep Packet Inspection)

unifi.py dpi-apps                  # List DPI restriction apps
unifi.py dpi-app ID                # DPI app details
unifi.py dpi-app-enable ID         # Enable DPI app restriction
unifi.py dpi-app-disable ID        # Disable DPI app restriction
unifi.py dpi-groups                # List DPI restriction groups
unifi.py dpi-group ID              # DPI group details

Hotspot Vouchers

unifi.py vouchers                  # List vouchers
unifi.py voucher-create --duration=60 --quota=1 --note="Guest"
unifi.py voucher-create --duration=1440 --quota=5 --rate-up=5000 --rate-down=10000
unifi.py voucher-delete ID         # Delete voucher

Voucher options:

```
--duration
```
- Duration in minutes (default: 60)
```
--quota
```
- Number of uses (default: 1)
```
--usage-quota
```
- Usage quota in MB
```
--rate-up
```
- Upload rate limit in Kbps
```
--rate-down
```
- Download rate limit in Kbps
```
--note
```
- Note/description

Events

unifi.py events                    # Stream events in real-time (Ctrl+C to stop)

Raw API Access

unifi.py raw GET /stat/health      # Raw GET request
unifi.py raw POST /cmd/devmgr '{"cmd":"restart","mac":"aa:bb:cc:dd:ee:ff"}'
unifi.py raw PUT /rest/wlanconf/ID '{"enabled":false}'

Output Options

Add

--json

flag to any list command for JSON output:

unifi.py devices --json            # JSON output
unifi.py clients --json

Examples

# Check network health
uv run scripts/unifi.py health

# List all connected clients
uv run scripts/unifi.py clients

# Block a device
uv run scripts/unifi.py block "aa:bb:cc:dd:ee:ff"

# Restart an access point
uv run scripts/unifi.py restart "11:22:33:44:55:66"

# Disable guest WiFi
uv run scripts/unifi.py wlan-disable "5f8b3d2e1a4c7b9e0d6f8a2c"

# Upgrade device firmware
uv run scripts/unifi.py upgrade "11:22:33:44:55:66"

# Power cycle a PoE port (useful for rebooting PoE devices)
uv run scripts/unifi.py power-cycle "switch_mac" 5

# Create a guest voucher (24 hours, single use)
uv run scripts/unifi.py voucher-create --duration=1440 --quota=1 --note="Guest access"

# Generate WiFi QR code for easy connection
uv run scripts/unifi.py wlan-qr "wlan_id" -o guest_wifi.png

# Control traffic rule
uv run scripts/unifi.py traffic-rule-disable "rule_id"

Finding IDs

WLAN IDs: Run
```
wlans
```
and look for the
```
ID
```
column
Device MACs: Run
```
devices
```
and look for the
```
MAC
```
column
Client MACs: Run
```
clients
```
or
```
clients-all
```
and look for the
```
MAC
```
column
Traffic Rule IDs: Run
```
traffic-rules
```
and look for the
```
ID
```
column
Voucher IDs: Run
```
vouchers
```
and look for the
```
ID
```
column

Notes

MAC addresses can be any format (with colons, dashes, or none)
All output is JSON for easy parsing
Using a dedicated local account avoids MFA issues with cloud-linked accounts
If you get rate limited (429 error), wait a few minutes before retrying