diff --git a/tests/device_tests/test_msg_applysettings.py b/tests/device_tests/test_msg_applysettings.py
index 410cfb0961..9d18a49ca5 100644
--- a/tests/device_tests/test_msg_applysettings.py
+++ b/tests/device_tests/test_msg_applysettings.py
@@ -16,11 +16,16 @@
 
 import pytest
 
-from trezorlib import device, messages as proto
+from trezorlib import btc, device, exceptions, messages
+from trezorlib.tools import parse_path
 
-EXPECTED_RESPONSES_NOPIN = [proto.ButtonRequest(), proto.Success(), proto.Features()]
-EXPECTED_RESPONSES_PIN_T1 = [proto.PinMatrixRequest()] + EXPECTED_RESPONSES_NOPIN
-EXPECTED_RESPONSES_PIN_TT = [proto.ButtonRequest()] + EXPECTED_RESPONSES_NOPIN
+EXPECTED_RESPONSES_NOPIN = [
+    messages.ButtonRequest(),
+    messages.Success(),
+    messages.Features(),
+]
+EXPECTED_RESPONSES_PIN_T1 = [messages.PinMatrixRequest()] + EXPECTED_RESPONSES_NOPIN
+EXPECTED_RESPONSES_PIN_TT = [messages.ButtonRequest()] + EXPECTED_RESPONSES_NOPIN
 
 PIN4 = "1234"
 
@@ -117,3 +122,34 @@ class TestMsgApplysettings:
         with client:
             _set_expected_responses(client)
             device.apply_settings(client, homescreen=img)
+
+    @pytest.mark.skip_t1
+    @pytest.mark.setup_client(pin=None)
+    def test_unsafe_prompts(self, client):
+        BAD_ADDRESS = parse_path("m/0")
+
+        with pytest.raises(
+            exceptions.TrezorFailure, match="Forbidden key path"
+        ), client:
+            client.set_expected_responses([messages.Failure()])
+            btc.get_address(client, "Bitcoin", BAD_ADDRESS)
+
+        with client:
+            client.set_expected_responses(EXPECTED_RESPONSES_NOPIN)
+            device.apply_settings(client, unsafe_prompts=True)
+
+        with client:
+            client.set_expected_responses(
+                [messages.ButtonRequest(), messages.Address()]
+            )
+            btc.get_address(client, "Bitcoin", BAD_ADDRESS)
+
+        with client:
+            client.set_expected_responses(EXPECTED_RESPONSES_NOPIN)
+            device.apply_settings(client, unsafe_prompts=False)
+
+        with pytest.raises(
+            exceptions.TrezorFailure, match="Forbidden key path"
+        ), client:
+            client.set_expected_responses([messages.Failure()])
+            btc.get_address(client, "Bitcoin", BAD_ADDRESS)
diff --git a/tests/ui_tests/fixtures.json b/tests/ui_tests/fixtures.json
index 118c62fcf7..75305b06b6 100644
--- a/tests/ui_tests/fixtures.json
+++ b/tests/ui_tests/fixtures.json
@@ -14,6 +14,7 @@
 "test_msg_applysettings.py-test_apply_settings": "2cc8bf660f3be815d19a4bf1265936162a58386fbe632ca4be01541245b79134",
 "test_msg_applysettings.py-test_apply_settings_passphrase": "5c1ed9a0be3d14475102d447da0b5d51bbb6dfaaeceff5ea9179064609db7870",
 "test_msg_applysettings.py-test_apply_settings_passphrase_on_device": "3e6527e227bdde54f51bc9c417b176d0d87fdb6c40c4761368f50eb201b4beed",
+"test_msg_applysettings.py-test_unsafe_prompts": "19bd500c3b791d51bbd1140085f306a838194593697529263f362acb0b1ab445",
 "test_msg_backup_device.py::test_backup_bip39": "2b63928444b8188eb2241fc03a3b9bc81191cfa9bbf3ef5431894c04ee0ed01f",
 "test_msg_backup_device.py::test_backup_slip39_advanced": "31900e0e8ad694ce894eee1ce289b425558c1fcd7bcb6128a19c049af436d35f",
 "test_msg_backup_device.py::test_backup_slip39_basic": "be4d88d882851ce1ddc45165c35952b23121ddca1a811c7fd7c7ef9d31989e8c",