Skills
skills/aradotso/devtools-skills/godot-devtool-mcp-server/Gen Agent Trust Hub

godot-devtool-mcp-server

Warn

Audited by Gen Agent Trust Hub on May 18, 2026

Risk Level: MEDIUMEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The installation guide instructs users to clone a repository from an unverified GitHub account (wangdiandao/godot-devtool.git), which does not match the vendor Aradotso.
  • [REMOTE_CODE_EXECUTION]: The skill provides tools like script_write to create arbitrary GDScript files and run_project to execute them, which enables arbitrary code execution within the Godot runtime environment.
  • [COMMAND_EXECUTION]: The run_project and various 'headless' tools execute the Godot engine binary on the host system with parameters that can be influenced by the AI or project files.
  • [DATA_EXFILTRATION]: The browser_visualizer_start tool launches a local HTTP server on a specified port, which could potentially expose local project data or system information if the network configuration allows external access.
  • [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection by reading project settings, scenes, and scripts from potentially untrusted projects.
  • Ingestion points: Reads Godot project files, GDScripts, and scene trees (e.g., in script_read, scene_tree_inspect).
  • Boundary markers: None mentioned.
  • Capability inventory: script_write (file write), run_project (process execution), browser_visualizer_start (network socket).
  • Sanitization: None specified for file content processing.
Audit Metadata
Risk Level
MEDIUM
Analyzed
May 18, 2026, 12:48 PM