teach-impeccable
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection because it incorporates information from untrusted project files into a persistent configuration file.
- Ingestion points: The skill reads README.md, documentation, package.json, and source code components from the project directory.
- Boundary markers: No explicit markers or delimiters are used to prevent the agent from being influenced by instructions embedded within the codebase files.
- Capability inventory: The skill has the ability to read arbitrary files within the codebase and write to or update the CLAUDE.md file in the project root.
- Sanitization: The collected information is synthesized and written to the configuration file without sanitization or filtering for potential embedded commands.
Audit Metadata