The Agent Skills Directory

[REMOTE_CODE_EXECUTION]: The tools execute-script and evaluate-runtime-expression allow the agent to execute arbitrary GDScript strings. This provides full access to Godot's internal APIs, which include capabilities for filesystem manipulation and system command execution through the OS singleton.
[EXTERNAL_DOWNLOADS]: The manual installation instructions direct users to clone source code from an external repository at github.com/yurineko73/Godot-MCP-Native.git, which is outside the authoritative scope of the skill's primary author context.
[COMMAND_EXECUTION]: The skill provides a large suite of tools to modify the local development environment, including modify-script, create-script, and delete-node, which allow for persistent changes to the project's codebase and structure.
[DATA_EXFILTRATION]: Tools like read-script, get-editor-logs, and get-editor-screenshot enable the retrieval of potentially sensitive project source code, debug logs, and visual workspace data, which is then transmitted to the agent context.
[PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it ingests untrusted data from project files and logs, which could contain instructions that influence the agent's behavior when utilizing its high-privilege execution tools.
Ingestion points: read-script, get-editor-logs, get-scene-tree, and get-debug-stack-variables in SKILL.md.
Boundary markers: None identified in the tool descriptions to differentiate between project data and agent instructions.
Capability inventory: execute-script, evaluate-runtime-expression, modify-script, run-project, and delete-node in SKILL.md.
Sanitization: No evidence of data validation or sanitization before external content is processed by the agent.

godot-mcp-native