Trust Assessment
unity-plugin received a trust score of 76/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 3 findings: 0 critical, 1 high, 1 medium, and 1 low severity. Key findings: Arbitrary C# Code Execution via `script.execute` tool (high), Sensitive environment variable access: $HOME (medium), and Node lockfile missing (low).
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 12, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (3)

| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | Arbitrary C# Code Execution via `script.execute` tool | LLM | SKILL.md:190 |
| MEDIUM | Sensitive environment variable access: $HOME | Static | skills/tomleelive/openclaw-unity-skill/scripts/install-extension.sh:10 |
| LOW | Node lockfile missing | Dependencies | skills/tomleelive/openclaw-unity-skill/extension/package.json |

HIGH: Arbitrary C# Code Execution via `script.execute` tool (LLM layer, SKILL.md:190)

The skill documentation explicitly states that the `script.execute` tool allows executing arbitrary C# code within the Unity Editor, including reflection calls. This grants full control over the Unity Editor environment and potentially the underlying system if the C# code interacts with OS functions (e.g., file system access, network requests). While the skill's manifest sets `disableModelInvocation: true` to prevent the AI from automatically invoking this tool, a user can still explicitly call `script.execute` with malicious C# code. This capability represents a significant security risk, enabling command injection, data exfiltration, and credential harvesting within the Unity Editor's context.

Recommendations:

1. **Strong Warning**: Add a prominent security warning in the documentation about the dangers of using `script.execute` with untrusted input.
2. **Access Control**: If possible, implement granular access control or a whitelist for allowed C# methods/namespaces, rather than arbitrary code execution.
3. **User Confirmation**: For critical operations or `script.execute` calls, require explicit user confirmation before execution.
4. **Sandboxing**: Explore sandboxing mechanisms for executed C# code within Unity to limit its capabilities.

MEDIUM: Sensitive environment variable access: $HOME (Static layer, skills/tomleelive/openclaw-unity-skill/scripts/install-extension.sh:10)

Access to the sensitive environment variable `$HOME` was detected in a shell context. Verify that this environment variable access is necessary and that the value is not exfiltrated.

LOW: Node lockfile missing (Dependencies layer, skills/tomleelive/openclaw-unity-skill/extension/package.json)

A package.json is present but no lockfile was found (package-lock.json, pnpm-lock.yaml, or yarn.lock). Commit a lockfile for deterministic dependency resolution.
Full report: https://skillshield.io/report/18f7abe54312b4d5 (powered by SkillShield)