Skills
skills/besty0728/unity-skills/unity-debug/Gen Agent Trust Hub

unity-debug

Pass

Audited by Gen Agent Trust Hub on May 4, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through its log-reading capabilities.
  • Ingestion points: debug_get_logs and debug_get_stack_trace ingest data from the Unity console, which can contain output from any running script or third-party asset.
  • Boundary markers: There are no specified delimiters or instructions to treat log content as untrusted data in the skill's prompt logic.
  • Capability inventory: The skill possesses the ability to modify project configuration via debug_set_defines and trigger system-heavy operations like debug_force_recompile (which triggers a domain reload).
  • Sanitization: No sanitization or validation of log content is described before it is processed by the agent, allowing potential malicious instructions in log messages to influence subsequent agent actions.
Audit Metadata
Risk Level
SAFE
Analyzed
May 4, 2026, 08:09 AM
Security Audit — agent-trust-hub — unity-debug