blender-to-unity

Warn

Audited by Gen Agent Trust Hub on Jul 3, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [DYNAMIC_EXECUTION]: The skill generates and executes Python scripts within Blender and C# scripts within Unity to perform model export and scaling operations.
  • In Step 2, Python code is generated to export files via bpy.ops.export_scene.fbx or bpy.ops.export_scene.gltf.
  • In Step 4, C# code is generated to find game objects and modify their localScale based on bounds calculation.
  • [COMMAND_EXECUTION]: The skill uses execute_code and mcp__blender__execute_blender_code to run arbitrary instructions in the host applications. This capability allows for complex operations that could be misused if the generated strings are compromised.
  • [INDIRECT_PROMPT_INJECTION]: The skill is susceptible to indirect injection because it ingests external data (Blender object names and Unity project paths) and interpolates them directly into executable code templates.
  • Ingestion points: Data enters through mcp__blender__get_object_info (object names) and mcpforunity://editor/state (project paths).
  • Boundary markers: None identified. The instructions do not warn the agent to sanitize these inputs before interpolation.
  • Capability inventory: The skill uses mcp__blender__execute_blender_code (Python execution in Blender) and execute_code (C# execution in Unity).
  • Sanitization: There is no evidence of escaping or validating the <asset name> or <temp path> variables before they are placed into code strings (e.g., GameObject.Find("<asset name>")). If an object name contained characters like "); followed by malicious C# code, it could trigger unexpected behavior in the Unity Editor.
  • [DATA_EXFILTRATION]: The skill explicitly notes it does not send data over the bridge, which is a positive security practice. However, it still interacts with the local filesystem and temporary directories, which could be monitored or used as a pivot point for exfiltration if the execution environment is compromised.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Jul 3, 2026, 02:32 PM
Security Audit — agent-trust-hub — blender-to-unity