Unity Cleaner Skills

Safety: cleaner_delete_assets uses a two-step confirmToken handshake. Call without confirmToken to preview; call again with the returned token (5-minute TTL) to actually delete. There is no dryRun parameter.

Guardrails

Operating Mode (v1.9 three-tier):

• Approval (default): all analyze/query skills (cleaner_find_unused_assets, cleaner_find_duplicates, cleaner_find_missing_references, cleaner_get_asset_usage, cleaner_find_empty_folders, cleaner_find_large_assets, cleaner_get_dependency_tree) are SemiAuto — run directly.
• Auto / Bypass: SemiAuto and FullAuto run directly.
• Auto-forbidden in this module: cleaner_delete_assets, cleaner_delete_empty_folders (both carry SkillOperation.Delete). In Approval/Auto these return MODE_FORBIDDEN — they are reachable only under Bypass mode or via a user-managed Allowlist entry; the grant flow does not unlock them.
• cleaner_fix_missing_scripts is an Execute | Modify operation (it replaces missing component references with null in place, no asset deletion), so it does not trigger the NeverInSemi gate. In Auto / Bypass it runs directly; in Approval it still requires the standard grant handshake before execution.
• cleaner_delete_assets additionally uses a two-step confirmToken handshake even when the mode gate allows it — preview first (no token), then confirm with the returned token (5-minute TTL).

DO NOT (common hallucinations):

• cleaner_delete / cleaner_remove do not exist → cleaner skills only find/report; use asset_delete to actually remove
• cleaner_fix does not exist → use cleaner_fix_missing_scripts specifically for missing script references
• cleaner_scan / cleaner_find_unused do not exist → use specific skills: cleaner_find_unused_assets, cleaner_find_duplicates, cleaner_find_missing_references, cleaner_find_empty_folders, cleaner_find_large_assets