unity-csharp-navigate
Pass
Audited by Gen Agent Trust Hub on Apr 25, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the 'unity-cli' binary (a vendor-owned tool by akiojin) to perform code analysis tasks such as searching for text patterns, identifying symbols, and tracing references.- [COMMAND_EXECUTION]: Documentation in 'references/runtime-checklist.md' provides guidance on executing the tool via 'cargo run' if the binary is missing, which is a standard method for running development tools from source.- [PROMPT_INJECTION]: The skill ingests untrusted C# script files from the local environment, creating a surface for indirect prompt injection.
- Ingestion points: Tool outputs from 'read', 'search', and 'get_symbols' operations in 'SKILL.md' enter the agent's context.
- Boundary markers: No specific delimiters or safety instructions are defined to separate ingested code from the agent's system prompt.
- Capability inventory: The skill is granted access to the 'Bash' tool for CLI operations and several file system tools.
- Sanitization: The skill does not perform sanitization on the file content before processing.
Audit Metadata