The Agent Skills Directory

[EXTERNAL_DOWNLOADS] (MEDIUM): The skill references and requires the playunreal Python package and the repository https://github.com/Randroids-Dojo/PlayUnreal. This organization is not on the trusted sources list, making the dependency unverifiable without manual review of its source code.
[COMMAND_EXECUTION] (MEDIUM): The documentation includes instructions for the agent to execute shell commands like UnrealEditor and various .exe files with specific flags (-ExecCmds, -RCWebControlEnable). While functional for the stated purpose, these commands allow for arbitrary process spawning on the host machine.
[DATA_EXFILTRATION] (INFO): The skill uses local network communication (127.0.0.1:30010) for the Unreal Remote Control API. This is standard for local automation, but users should ensure the Remote Control server is not exposed to untrusted networks, as noted in the skill's own setup checklist.
[INDIRECT_PROMPT_INJECTION] (LOW): The skill interacts with Unreal Engine UI (UMG widgets) and API responses. While it ingests external data from the engine, the capability tier is restricted to automation actions (click, wait, screenshot) rather than high-privilege system modifications or sensitive data exfiltration.

unreal