Security Audit
CoplayDev/unity-mcp:unity-mcp-skill
github.com/CoplayDev/unity-mcp
Trust Assessment
CoplayDev/unity-mcp:unity-mcp-skill received a trust score of 79/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 3 findings: 0 critical, 1 high, 1 medium, and 1 low severity. Key findings include "Agent can inject arbitrary C# code into Unity project", "Broad access to Unity Editor and project files", and "Agent can capture visual data and inspect internal project structure".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on March 19, 2026 (commit ec25df8f). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (3)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | **Agent can inject arbitrary C# code into Unity project.** The skill provides tools (`create_script`, `script_apply_edits`) that allow the AI agent to create new C# script files or modify existing ones within the Unity project. This capability, while central to the skill's purpose, represents a direct command injection vector. A compromised or malicious agent could inject arbitrary C# code, leading to execution of malicious logic within the Unity Editor or runtime, potentially compromising the project, data, or the development environment. Implement strict input validation and sanitization for any agent-generated script content. Ensure human oversight or approval for significant code changes. Restrict the agent's ability to modify critical system files or introduce network-accessing code. | LLM | SKILL.md:141 |
| MEDIUM | **Broad access to Unity Editor and project files.** The skill grants the AI agent extensive permissions to modify the Unity Editor environment and project files. This includes creating/deleting GameObjects, managing assets, installing/removing packages (`manage_packages`), executing arbitrary editor menu items (`execute_menu_item`), and deploying/restoring packages (`manage_editor`). While these permissions are necessary for the skill's intended functionality (orchestrating Unity), they present a significant risk if the agent is compromised or misused. A malicious agent could corrupt the project, introduce unwanted dependencies, or trigger unintended editor actions. Implement granular access controls if possible, limiting the agent's capabilities to only what is strictly necessary for a given task. Monitor agent actions for suspicious patterns. Consider sandboxing the Unity Editor environment when running agent-driven tasks. | LLM | SKILL.md:100 |
| LOW | **Agent can capture visual data and inspect internal project structure.** The skill provides tools like `manage_camera(action="screenshot", include_image=True)` to capture visual data (screenshots) from the Unity Editor and return them directly to the AI. Additionally, `unity_reflect` allows inspection of live C# APIs, exposing internal project structure, class names, and member signatures. While these are legitimate functionalities for an AI agent to understand and interact with the Unity environment, they could be misused by a compromised agent to exfiltrate sensitive visual information or proprietary code structure. Ensure that sensitive information is not displayed in the Unity Editor when the agent is active, or implement mechanisms to redact sensitive areas from screenshots. Restrict `unity_reflect` access to specific assemblies or namespaces if possible. Implement strict logging and monitoring of agent actions, especially those involving data capture or introspection. | LLM | SKILL.md:50 |