Skills
skills/muharremtozan/unity-agent-skills/context-bridge/Gen Agent Trust Hub

context-bridge

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • Prompt Injection (LOW): The skill facilitates an indirect prompt injection vector through its core context-sharing mechanism.
  • Ingestion points: The agent is instructed to scan external project files (lore, mechanics, and asset descriptions) in the World-Building and Unity directories (File: SKILL.md).
  • Boundary markers: The shared context file (PROJECTS_SHARED_CONTEXT.md) does not utilize delimiters or specific instructions to the agent to ignore embedded commands within the summarized content.
  • Capability inventory: The skill uses scripts/update_context.py to write summarized data to the file system. This file is intended to be read by other sessions or projects to inform behavior.
  • Sanitization: The update_context.py script takes the --content argument and writes it directly to the shared file using regex replacement without any sanitization, validation, or escaping of the input string.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 06:45 PM