unity-project
Pass
Audited by Gen Agent Trust Hub on May 4, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: No override instructions, safety bypasses, or jailbreak attempts were found in the skill definitions or guardrails.
- [DATA_EXFILTRATION]: The skill does not access sensitive system files (e.g., SSH keys, credentials) or perform unauthorized network requests. All data access is scoped to Unity project metadata.
- [REMOTE_CODE_EXECUTION]: There are no patterns involving the download or execution of remote scripts or unverified third-party packages.
- [COMMAND_EXECUTION]: The skill defines high-level API calls for Unity project management. It does not invoke arbitrary shell commands or system-level processes.
- [INDIRECT_PROMPT_INJECTION]: The skill processes project-specific data (e.g., shader names, package manifests, and tags). While this represents an ingestion surface for potentially untrusted data from a project, the skill's capabilities are restricted to information retrieval and minor settings adjustments, posing no significant security risk.
- [OBFUSCATION]: The file contains clear, human-readable markdown and YAML frontmatter with no hidden characters, encoded strings, or homoglyph-based evasion techniques.
Audit Metadata