unreal-development
Warn
Audited by Gen Agent Trust Hub on May 6, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill recommends installing several third-party packages and cloning repositories from independent GitHub accounts such as
chongdashu/unreal-mcp,kvick-games/UnrealMCP,ChiR24/Unreal_mcp, and others. These sources are not recognized as trusted vendors or established organizations, posing a supply chain risk. - [COMMAND_EXECUTION]: The skill includes instructions and tools for executing system-level commands, specifically
unreal_compilefor hot reloading,unreal_buildfor platform builds, and the execution of automation tests viaUnrealEditor-Cmd.exe. These operations run with the user's local privileges. - [REMOTE_CODE_EXECUTION]: The
unreal_python_exectool allows for the execution of arbitrary Python commands within the Unreal Engine environment. This capability represents a significant execution surface that could be exploited if malicious input is supplied. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8). It ingests untrusted data from Unreal Engine project files (
DefaultEngine.ini, level structures) and project metadata. It lacks explicit boundary markers or sanitization logic to separate this data from agent instructions. Given its powerful capabilities—including file modification (unreal_generate_cpp), compilation, and Python execution—this ingestion point creates an exploitable attack surface where malicious data could influence agent actions.
Audit Metadata