unity-package

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's required operations (e.g., package_search, package_get_versions, and package_get_dependencies) explicitly query the public Unity Registry for package metadata and dependency information, which are third-party/publicly-published records that the agent must read and use to decide installs and follow-up actions, so untrusted upstream content could influence behavior.