unity-cleaner
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides several functions for deleting files and components within the environment, which are destructive operations.
  - Evidence: The `cleaner_delete_assets` skill allows for the deletion of files based on paths.
  - Evidence: The `cleaner_delete_empty_folders` skill removes directories from the project structure.
  - Evidence: The `cleaner_fix_missing_scripts` skill removes components from Unity GameObjects.
  - Note: These operations are the primary intended purpose of the skill and the implementation includes safety guards such as a two-step confirmation process and a default 'dryRun' mode.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to the way it processes external project data.
  - Ingestion points: Asset names, file paths, and metadata are read from the Unity project environment during scans in `cleaner_find_unused_assets`, `cleaner_find_duplicates`, and `cleaner_get_asset_usage` (SKILL.md).
  - Boundary markers: Absent. There are no explicit instructions to the agent to ignore or delimit potentially malicious instructions embedded in file names or asset metadata.
  - Capability inventory: The agent has the ability to delete files and modify project components across several scripts (SKILL.md).
  - Sanitization: Absent. The skill does not describe any validation or sanitization of paths or metadata before they are returned to the agent context.