unity-dotween

Pass

Audited by Gen Agent Trust Hub on Apr 25, 2026

Risk Level: SAFE | PROMPT_INJECTION | COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface (Category 8).
    • Ingestion points: Untrusted data enters the agent context via parameters such as className, namespaceName, and stepsJson in the script generation functions.
    • Boundary markers: No explicit delimiters or instructions are provided to treat these inputs as literal data or to ignore embedded commands.
    • Capability inventory: The skill has the ability to write new C# files to the filesystem and modify Unity asset settings.
    • Sanitization: There is no documentation of input validation or escaping for the user-supplied strings before they are written into executable scripts.
  • [COMMAND_EXECUTION]: The skill performs dynamic script generation (Category 10). Evidence: The tools dotween_generate_tween_script and dotween_generate_sequence_script generate C# MonoBehaviour scripts at runtime. While these follow templates, the use of user-controlled strings for class structures represents a surface for code injection in the Unity project environment.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 25, 2026, 10:28 AM