mock-to-unity
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted external data (HTML, images, text) during the mockup phase, presenting a risk of indirect prompt injection.
- Ingestion points: Reads HTML files, screenshots, and text descriptions in Step 1 of
SKILL.md. - Boundary markers: Employs a structured 'Translation Map' (Step 2) and a mandatory 'User Checkpoint' (Step 3) to verify mappings before implementation.
- Capability inventory: Writes C# controllers and USS stylesheets to the
Assets/directory; updates a local reference file at~/.claude/skills/mockup-builder/references/theme-variables.md. - Sanitization: The workflow requires manual verification of element hierarchies and property mappings against the source mockup.
- [DATA_EXPOSURE]: The skill accesses a local reference file at
~/.claude/skills/mockup-builder/references/theme-variables.mdto catalog and update theme variables. This is a localized reference used for maintaining consistency within the project environment.
Audit Metadata