unity-event
Pass
Audited by Gen Agent Trust Hub on Apr 18, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- [SAFE]: No security threats or malicious behaviors were detected in the skill definitions. The tools are restricted to configuring event listeners within the Unity Editor.
- [NO_CODE]: The skill is composed entirely of markdown documentation and tool definitions, with no executable scripts, binaries, or package dependencies.
- [PROMPT_INJECTION]: The skill contains a 'Full-Auto' mode instruction in its guardrails, which directs the AI agent to operate without manual confirmation. While common in developer tools, this increases the agent's autonomy.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface. 1. Ingestion points: Project-derived strings such as GameObject names, component names, and the JSON 'items' parameter in SKILL.md. 2. Boundary markers: Absent. 3. Capability inventory: Tools can modify Unity project configuration and invoke methods at runtime. 4. Sanitization: Not specified for the ingested project data.
Audit Metadata