Skills
skills/koshimazaki/ue-audio-skills/ue5-audio-mcp/Gen Agent Trust Hub

ue5-audio-mcp

Pass

Audited by Gen Agent Trust Hub on Feb 26, 2026

Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses a local TCP server on port 9877 to execute procedural commands within Unreal Engine 5.
  • [COMMAND_EXECUTION]: Enables the dynamic generation and compilation of Unreal Engine Blueprint logic and MetaSound graphs using commands such as bp_add_node and bp_compile.
  • [DATA_EXFILTRATION]: Features an import_sound_file command that allows the agent to read and process files from local system paths.
  • [EXTERNAL_DOWNLOADS]: References the vendor's official GitHub repository github.com/koshimazaki/UE-AUDIO-MCP for the required plugin installation.
  • [PROMPT_INJECTION]: Possesses an attack surface for indirect prompt injection by processing data directly from the Unreal Editor environment.
  • Ingestion points: Reads project data via list_assets, scan_blueprint, and export_metasound commands.
  • Boundary markers: No specific delimiters or instruction-ignore warnings are implemented for ingested data.
  • Capability inventory: Includes local file system access and the ability to modify and execute Blueprint logic.
  • Sanitization: Implements a strict allowlist for the call_function tool to prevent the execution of non-audio related Blueprint functions.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 26, 2026, 01:48 PM