unity-cleaner
Pass
Audited by Gen Agent Trust Hub on Apr 20, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill instructions do not contain any known malicious patterns, obfuscation, or unauthorized data exfiltration.
- [COMMAND_EXECUTION]: The skill facilitates project maintenance through file system operations like asset scanning and deletion. Destructive actions are guarded by a confirmation token system and a safety-first dry-run policy.
- [DATA_EXFILTRATION]: While the skill reads project structure and asset metadata (paths, hashes, sizes), there are no network operations or external destinations defined for this data.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection from untrusted project files. 1. Ingestion points: Project file paths and content in the Assets directory (SKILL.md). 2. Boundary markers: None explicitly defined. 3. Capability inventory: cleaner_delete_assets and cleaner_delete_empty_folders. 4. Sanitization: None explicitly defined. These factors are considered low risk as the operations are consistent with the skill's primary cleanup purpose and require confirmation.
Audit Metadata