Skills
skills/akiojin/unity-cli/unity-scene-inspect/Gen Agent Trust Hub

unity-scene-inspect

Pass

Audited by Gen Agent Trust Hub on Apr 25, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides instructions for the agent to execute shell commands using unity-cli. It specifically mentions using cargo run to execute code within the current workspace as a fallback when no global binary is installed (as seen in references/runtime-checklist.md).
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by ingesting and processing data from Unity scenes, which could contain instructions intended to influence the agent's behavior.
  • Ingestion points: Scene hierarchy, component values, and animator states are retrieved through unity-cli subcommands in SKILL.md.
  • Boundary markers: No explicit delimiters or instructions to treat ingested scene data as untrusted are included in the skill.
  • Capability inventory: The agent can execute commands via Bash and access the file system via Read, providing a path for potential exploitation of injected instructions.
  • Sanitization: The instructions do not define any validation or sanitization steps for the data retrieved from Unity before it is presented to the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 25, 2026, 02:58 PM