teach-impeccable
Pass
Audited by Gen Agent Trust Hub on Mar 25, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's instructions and metadata are transparent and contain no malicious directives or obfuscation.
- [DATA_EXPOSURE]: The skill scans standard project files such as README, package.json, and component source code to infer design patterns. This process is restricted to the local codebase and does not target sensitive system credentials or private environment variables.
- [COMMAND_EXECUTION]: The skill instructs the agent to write synthesized design context to a project configuration file. This file system operation is local to the workspace and is consistent with the skill's stated purpose of persisting design guidelines.
- [SAFE]: Evaluation of Indirect Prompt Injection (Category 8) surface: 1. Ingestion points: Local codebase files (README, package.json, components) as described in SKILL.md. 2. Boundary markers: No explicit boundary markers or 'ignore' instructions are used for the scanned content. 3. Capability inventory: File-write access to the project's configuration file. 4. Sanitization: No explicit sanitization or filtering of ingested codebase content is performed. The surface is categorized as safe because the activity is central to the skill's utility and the risk of exploitation is low within the local project context.
Audit Metadata