unity-claude-code

Pass

Audited by Gen Agent Trust Hub on May 12, 2026

Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exposes an attack surface for indirect prompt injection because it is designed to ingest and act upon data from external Unity repositories.
    • Ingestion points: The skill reads Unity project files (Assets, Packages, ProjectSettings) and lists contents via the scripts/unity-preflight.sh script (referenced in SKILL.md).
    • Boundary markers: The instructions lack explicit delimiters or warnings to ignore instructions that may be embedded within the project's source code, metadata, or documentation.
    • Capability inventory: The skill can execute shell commands (bash, node) and file system operations (find, sed).
    • Sanitization: There is no evidence of sanitization or validation of the content read from the repository before it is processed by the agent.
  • [COMMAND_EXECUTION]: The skill executes a local shell script (scripts/unity-preflight.sh) to perform discovery tasks. While the script itself is benign, the skill also encourages the execution of arbitrary validation commands based on the target repository's content (e.g., "repo-specific build/test commands"). This could allow malicious instructions inside an untrusted repository to achieve command execution if the agent follows them during the validation phase.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 12, 2026, 08:07 AM