Security Audit
CoplayDev/unity-mcp:.claude/skills/unity-mcp-skill
github.com/CoplayDev/unity-mcpTrust Assessment
CoplayDev/unity-mcp:.claude/skills/unity-mcp-skill received a trust score of 77/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 3 findings: 0 critical, 1 high, 1 medium, and 1 low severity. Key findings include Arbitrary C# Code Execution in Unity Editor, Potential for Malicious Package Injection, Exposure of Project Internal Structure and Asset Details.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on March 19, 2026 (commit ec25df8f). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings3
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Arbitrary C# Code Execution in Unity Editor The `create_script` and `script_apply_edits` tools allow the agent to inject and execute arbitrary C# code within the Unity Editor environment. This code is compiled and run by Unity. A malicious or compromised agent could leverage this to perform harmful actions, such as deleting project files, modifying critical game logic, exfiltrating data from the Unity project, or even attempting to interact with the underlying operating system if Unity's sandbox allows. Implement strict input validation and sanitization for script content. Consider requiring human review and approval for any new or modified scripts generated by the agent. Ensure the Unity Editor process runs with minimal necessary OS permissions. Implement robust sandboxing for the Unity Editor if possible. | LLM | SKILL.md:190 | |
| MEDIUM | Potential for Malicious Package Injection The `manage_packages` tool allows the agent to add new Unity packages, including those specified by arbitrary Git URLs. A compromised or maliciously instructed agent could use this capability to introduce untrusted or malicious code into the Unity project by installing a package from a hostile source. This could lead to backdoors, data exfiltration, or other forms of compromise within the project. Restrict the agent's ability to add packages from arbitrary Git URLs. Implement a whitelist of approved package sources. Integrate automated security scanning for newly added packages. Require human review and approval for any package installation requests. | LLM | SKILL.md:140 | |
| LOW | Exposure of Project Internal Structure and Asset Details The `unity_reflect` tool can inspect live C# APIs, revealing internal class structures, member signatures, and other code details. The `unity_docs` tool can perform lookups within project assets. While essential for the agent's understanding of the project, these tools can expose sensitive intellectual property, architectural details, or proprietary code to the LLM. If the LLM's outputs are not properly secured, this information could be inadvertently exfiltrated. Be aware of the potential for sensitive data exposure. Ensure that the LLM's interaction logs and outputs are handled securely and are not accessible to unauthorized parties. Consider implementing data masking or redaction for highly sensitive information if it appears in the agent's output. | LLM | SKILL.md:160 |
Scan History
Embed Code
[](https://skillshield.io/report/69372bece5d12c76)
Powered by SkillShield