unity-material
Pass
Audited by Gen Agent Trust Hub on May 4, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill contains a surface for indirect prompt injection where malicious instructions could be embedded in the data processed by the agent.
- Ingestion points: Material names (
name), asset paths (path,savePath,materialPath,texturePath,sourcePath), and structured JSON data in batch operations (material_create_batch,material_assign_batch,material_set_colors_batch,material_set_emission_batch). - Boundary markers: No explicit boundary markers or instructions to ignore embedded commands within the input data are present in the documentation.
- Capability inventory: The skill allows creating material assets on the file system, modifying existing material properties (colors, textures, floats, shaders), and assigning materials to game objects.
- Sanitization: There is no mention of input sanitization or validation for the provided strings and paths before they are used in Unity operations.
Audit Metadata