Skills
skills/akiojin/unity-cli/unity-prefab-workflow/Gen Agent Trust Hub

unity-prefab-workflow

Pass

Audited by Gen Agent Trust Hub on Apr 25, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes Unity-related tasks using the unity-cli tool via the Bash capability. It also provides guidance for the agent to compile and run the tool from source using cargo run if a global binary is unavailable.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes content from external Unity project files.
  • Ingestion points: The skill uses Read, Grep, and Glob tools to ingest data from Unity assets and prefab files into the agent's context.
  • Boundary markers: No specific delimiters or instructions to treat ingested file content as untrusted data are present in the provided documentation.
  • Capability inventory: The skill possesses the ability to execute shell commands via the Bash(unity-cli:*) tool, which could be exploited if malicious instructions are processed.
  • Sanitization: The skill does not implement any validation, sanitization, or filtering of the content read from the filesystem before it is used to determine agent actions.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 25, 2026, 02:58 PM