unity-mcp

Pass

Audited by Gen Agent Trust Hub on Mar 11, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/setup.sh modifies local configuration files for Claude, Codex, and Gemini CLI located in the user's home directory to register the MCP server. It uses Python snippets to programmatically edit these JSON and TOML files.
  • [EXTERNAL_DOWNLOADS]: The skill documentation directs users to install a Unity package from a third-party GitHub repository at https://github.com/CoplayDev/unity-mcp.git and uses npx to fetch skill templates from https://github.com/supercent-io/skills-template.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its ability to ingest untrusted data while possessing significant system capabilities.
      1. Ingestion points: The read_console tool in SKILL.md allows the agent to read potentially attacker-influenced Unity log output.
      2. Boundary markers: No delimiters or instructions to ignore embedded commands are present in the documentation for log processing.
      3. Capability inventory: The skill has access to high-privilege tools including Bash, Write, create_script, and execute_custom_tool as defined in SKILL.md.
      4. Sanitization: No sanitization or validation of the ingested console data is mentioned before the agent acts upon it.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 11, 2026, 09:08 AM