unity-editor
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface by reading untrusted data from the Unity environment.
  - Ingestion points: Skills such as editor_get_context and editor_get_selection in SKILL.md ingest data from the Unity hierarchy and project files.
  - Boundary markers: No boundary markers or 'ignore embedded instructions' warnings are present to isolate project data from the instruction context.
  - Capability inventory: The editor_execute_menu skill in SKILL.md allows for application-level command execution.
  - Sanitization: No evidence of sanitization or validation of external names and paths before interpolation into the agent's context.
- [COMMAND_EXECUTION]: The editor_execute_menu skill provides the ability to invoke any Unity menu command. If an attacker can influence the editor context (e.g., via maliciously named assets), they might trick the agent into executing sensitive or destructive menu commands within the editor environment.
Audit Metadata