critique
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFECOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill executes shell commands using
npxto run theimpeccabletool for both static analysis of scannable markup files and starting a local server for live browser overlays. It also manages the lifecycle of the local server by explicitly stopping it after use. - [REMOTE_CODE_EXECUTION]: The skill uses
npx impeccable, which fetches and executes code from the npm registry (a well-known service). This represents a remote code execution pattern common for Node.js-based developer tools. - [EXTERNAL_DOWNLOADS]: The
npxcommand downloads theimpeccablepackage from the npm registry, which is a standard and well-known service. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes untrusted data that could contain malicious instructions designed to influence the agent's behavior.
- Ingestion points: The skill reads local project files (HTML, JSX, TSX, Vue, Svelte) and navigates to potentially untrusted URLs via browser automation.
- Boundary markers: There are no explicit delimiters or instructions provided to the agent to ignore or isolate potential malicious prompts embedded within the files or web pages being analyzed.
- Capability inventory: The skill has significant capabilities including spawning sub-agents, executing shell commands, and performing browser automation (including script injection and reading console logs).
- Sanitization: No sanitization, escaping, or validation of the ingested content is mentioned before it is processed by the LLM or used in browser-based injection tasks.
Audit Metadata