Unreal Engine Skills for Claude Code — agentic threat model
This agent presents a high-risk profile due to its direct, live control over the Unreal Editor via MCP, exposing hundreds of powerful development tools. Without explicit sandboxing or robust input validation, prompt injection could lead to local code execution, asset destruction, or project corruption.
OWASP AIVSS score rationale
| Agentic risk factor | Score |
| --- | --- |
| Autonomy of Action | 0.80 |
| Goal-Driven Planning | 0.80 |
| Self-Modification | 0.10 |
| Dynamic Tool Use | 1.00 |
| Persistent Memory | 0.30 |
| Contextual Awareness | 0.80 |
| Dynamic Identity | 0.10 |
| Multi-Agent Interactions | 0.10 |
| Non-Determinism | 0.70 |
| Opacity & Reflexivity | 0.60 |
Scored with the canonical OWASP AIVSS formula (AIVSS calculator reference); agentic risk factors estimated from the agent’s described capabilities.
MAESTRO 7-layer threat model
Per-layer threats for this agent, in MAESTRO layer order. Layers tagged "Not certain from the listing" are general, caveated commentary where the public description did not pin that layer down.
Layer 1, Foundation Models: Not certain from the listing. Claude Code relies on Anthropic's Claude models (typically Claude 3.5 Sonnet). Threats include prompt injection that bypasses system instructions, leading to unauthorized tool execution or malicious blueprint generation.
Layer 2, Data Operations: Not certain from the listing. The agent interacts directly with local Unreal project files, assets, and codebases. Threats include exfiltration of proprietary game assets and poisoning of the local asset database via malicious inputs.
Layer 3, Agent Frameworks: The agent uses the Model Context Protocol (MCP) to expose hundreds of tools from Unreal's ToolsetRegistry. Threats include tool misuse, where injected or malicious prompts trigger destructive editor actions (for example deleting assets, corrupting blueprints, or maliciously modifying materials).
Layer 4, Deployment and Infrastructure: Runs as a local MCP server driving a live Unreal Editor instance on the developer's workstation, so every tool call already carries the developer's full user privileges. Threats include local privilege escalation, arbitrary file writes within the project directory, and execution of attacker-controlled Python or C++ scripts inside Unreal.
Layer 5, Evaluation and Observability: Not certain from the listing. No built-in guardrails, evaluation frameworks, or specialized logging are mentioned. Gaps in observability could allow malicious or erroneous actions to go unnoticed until project corruption occurs.
Layer 6, Security and Compliance: Not certain from the listing. No explicit authentication or authorization controls between Claude Code and the MCP server are described; the design relies entirely on local workstation security and implicit trust of the Claude Code environment.
Layer 7, Agent Ecosystem: Not certain from the listing. While designed for Claude Code, no explicit multi-agent coordination is mentioned. Cascading failures could still occur if other MCP servers or plugins act on the same Unreal project simultaneously.
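The tool-misuse, arbitrary-write, observability and authorization gaps noted for layers 3 through 6 all sit at the same choke point: the MCP `tools/call` message before it reaches the editor. The following is an added example of a policy gate at that point; it is not code from this page, from the Unreal skills project, or from Claude Code. It assumes the standard MCP JSON-RPC `tools/call` shape, uses hypothetical tool names (`list_assets`, `delete_asset`, `execute_python` and so on, not the real ToolsetRegistry names), and treats the `path`/`file` arguments as filesystem paths under a hypothetical project root `/opt/projects/ShooterGame`; Unreal's virtual `/Game/...` asset paths would need their own containment check. The sample messages are constructed, not captured from any session.

```python
"""Policy gate for MCP tools/call requests headed to an editor-control server (added example).

Controls demonstrated: default-deny tool allowlist, operator confirmation for
destructive tools, script-execution tools off by default, project-root path
containment, and a structured audit record for every decision.
Tool and argument names below are hypothetical, not the real ToolsetRegistry's.
"""
import json
import logging
from dataclasses import dataclass, field
from pathlib import Path

LOG = logging.getLogger("mcp-gate")

# Hypothetical tool classes; a real registry would be mapped into the same three buckets.
READ_ONLY_TOOLS = {"list_assets", "get_actor_properties", "read_blueprint"}
DESTRUCTIVE_TOOLS = {"delete_asset", "modify_material", "save_all"}
SCRIPT_TOOLS = {"execute_python", "compile_cpp"}
PATH_ARGS = ("path", "file")  # argument keys treated as filesystem paths


@dataclass
class Policy:
    project_root: Path
    allow_scripts: bool = False
    confirmed_ids: set = field(default_factory=set)  # JSON-RPC ids an operator approved out of band


@dataclass
class Decision:
    allowed: bool
    reason: str


def path_inside(root: Path, candidate: str) -> bool:
    """True only if candidate (relative or absolute) resolves under root; '..' and symlinks included."""
    try:
        (root / candidate).resolve().relative_to(root.resolve())
        return True
    except ValueError:
        return False


def evaluate(policy: Policy, request: dict) -> Decision:
    """Decide whether one JSON-RPC message may be forwarded to the editor."""
    if request.get("method") != "tools/call":
        return Decision(True, "not a tools/call; forwarded unchanged")
    params = request.get("params") or {}
    name, args = params.get("name"), params.get("arguments") or {}
    if not isinstance(name, str) or not isinstance(args, dict):
        return Decision(False, "malformed tools/call params")
    # Validate arguments before classifying the tool: injected payloads usually hide in arguments.
    for key in PATH_ARGS:
        if key in args and not (isinstance(args[key], str) and path_inside(policy.project_root, args[key])):
            return Decision(False, f"argument {key!r} escapes the project root")
    if name in SCRIPT_TOOLS:
        if policy.allow_scripts:
            return Decision(True, f"script tool {name!r} explicitly enabled")
        return Decision(False, f"script tool {name!r} disabled by policy")
    if name in DESTRUCTIVE_TOOLS:
        if request.get("id") in policy.confirmed_ids:
            return Decision(True, f"destructive tool {name!r} confirmed by operator")
        return Decision(False, f"destructive tool {name!r} needs operator confirmation")
    if name in READ_ONLY_TOOLS:
        return Decision(True, "read-only tool")
    return Decision(False, f"unknown tool {name!r}: default deny")


def audit(request: dict, decision: Decision) -> dict:
    """Build and log one structured audit record; the record is what a log pipeline would ingest."""
    params = request.get("params") or {}
    record = {
        "id": request.get("id"),
        "tool": params.get("name"),
        "arguments": params.get("arguments"),
        "allowed": decision.allowed,
        "reason": decision.reason,
    }
    LOG.info(json.dumps(record, sort_keys=True))
    return record


def gate(policy: Policy, raw_messages: list[str]) -> tuple[list[dict], list[dict]]:
    """Split newline-delimited JSON-RPC messages into (forwarded, rejected) audit records."""
    forwarded, rejected = [], []
    for raw in raw_messages:
        try:
            request = json.loads(raw)
        except json.JSONDecodeError:
            rejected.append({"id": None, "tool": None, "arguments": None, "allowed": False, "reason": "invalid JSON"})
            continue
        decision = evaluate(policy, request)
        (forwarded if decision.allowed else rejected).append(audit(request, decision))
    return forwarded, rejected


# Constructed sample traffic (not captured from any real session); the project root is hypothetical.
SAMPLE_ROOT = Path("/opt/projects/ShooterGame")
SAMPLE_MESSAGES = [
    '{"jsonrpc":"2.0","id":1,"method":"tools/call","params":{"name":"list_assets","arguments":{"path":"Content/Maps"}}}',
    '{"jsonrpc":"2.0","id":2,"method":"tools/call","params":{"name":"delete_asset","arguments":{"path":"Content/Maps/Lobby.umap"}}}',
    '{"jsonrpc":"2.0","id":3,"method":"tools/call","params":{"name":"read_blueprint","arguments":{"path":"../../../etc/passwd"}}}',
    '{"jsonrpc":"2.0","id":4,"method":"tools/call","params":{"name":"execute_python","arguments":{"code":"import os"}}}',
    '{"jsonrpc":"2.0","id":5,"method":"tools/call","params":{"name":"spawn_shell","arguments":{}}}',
]

if __name__ == "__main__":
    logging.basicConfig(level=logging.INFO)
    ok, bad = gate(Policy(SAMPLE_ROOT), SAMPLE_MESSAGES)
    print(f"forwarded={len(ok)} rejected={len(bad)}")  # forwarded=1 rejected=4 with the default policy
```

With the default policy only the read-only listing is forwarded: the delete is held for operator confirmation, the traversal attempt is rejected on its argument before the tool is even classified, the Python tool is off, and the unregistered tool hits default deny. Confirmation is keyed on the JSON-RPC `id`, so a human approves one specific call rather than a tool category; that approval and the `allow_scripts` switch are the two places the gate deliberately asks for an explicit decision instead of inferring one from the prompt.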
MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).