Unity Template Generator
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (HIGH): The skill uses the Write tool to generate code based on untrusted user input for class names and namespaces.
- Ingestion points: Template placeholders (e.g., CLASS_NAME, NAMESPACE, DESCRIPTION) in SKILL.md.
- Boundary markers: None identified in the skill definition to separate instructions from data.
- Capability inventory: Write, Read, and Glob tools (SKILL.md) allow modification of the local file system.
- Sanitization: No input validation or escaping logic is present to prevent malicious code injection through placeholder values.
Recommendations
- AI detected serious security threats
Audit Metadata