unity-event
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns detected. The skill defines administrative tools for the Unity Editor and Runtime environment to inspect and modify event listeners. All operations are confined to the Unity object hierarchy as described.
- [INDIRECT_PROMPT_INJECTION]: The skill defines an interface for processing Unity scene data which represents an ingestion surface for untrusted data.
- Ingestion points: Tool parameters such as
objectName,componentName, and the JSON-encodeditemsarray inevent_add_listener_batch(SKILL.md). - Boundary markers: None present in the tool definitions to distinguish between intended parameters and potentially malicious strings embedded in GameObject names or component metadata.
- Capability inventory: The skill allows modification of application logic by adding listeners (
event_add_listener), removing listeners (event_remove_listener), or invoking methods (event_invoke). - Sanitization: The tool definitions do not specify validation or allow-listing of method names or target components before execution.
Audit Metadata