unity-compile-fixer
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE DATA_EXFILTRATION
Full Analysis
- Indirect Prompt Injection (LOW): The skill processes untrusted diagnostic data from external tools (VSCode/OmniSharp) and interpolates this into its reasoning process for generating code fixes.
  - Ingestion points: `mcp__ide__getDiagnostics` tool output and file contents via the `Read` tool.
  - Boundary markers: The skill uses the `AskUserQuestion` tool to require human approval before applying any fixes, significantly mitigating the risk of automated malicious actions.
  - Capability inventory: The skill can modify local files using the `Edit` tool and execute a local Node.js analysis script.
  - Sanitization: No explicit sanitization or instruction-ignoring delimiters are defined for the incoming diagnostic messages.
- Data Exposure (SAFE): The provided Node.js script reads a file path from command-line arguments. While it could be pointed at sensitive JSON files, it only outputs data that conforms to a specific VSCode diagnostic schema, and the `JSON.parse` step would fail for most sensitive system files (like SSH keys or passwd), which are not JSON-formatted.
Audit Metadata