teach-impeccable
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface because it processes untrusted data from the local codebase (README, documentation, components, and package.json).
- Ingestion points: Project files including README, docs, package.json, and existing components are scanned in SKILL.md (Step 1).
- Boundary markers: No delimiters or explicit instructions to ignore embedded commands are used when reading these files.
- Capability inventory: The skill can read project files and write to local markdown files (.impeccable.md and CLAUDE.md).
- Sanitization: No sanitization or validation of the content read from the codebase is performed before synthesis.
- [SAFE]: The skill's primary purpose is to generate design documentation. It does not possess capabilities for network access, arbitrary command execution, or external data exfiltration.
- [EXTERNAL_DOWNLOADS]: No external packages, scripts, or remote resources are downloaded or referenced.
- [COMMAND_EXECUTION]: No system commands, shell scripts, or subprocesses are invoked by this skill.
Audit Metadata