impeccable
Pass
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes a set of internal Node.js scripts to automate complex design tasks. These include
live-server.mjsfor hosting iteration state,live-wrap.mjsfor modifying source code structures, andpin.mjsfor managing local command shortcuts. These commands are executed locally to facilitate real-time UI design. - [EXTERNAL_DOWNLOADS]: The
critiqueandauditfunctions utilizenpxto fetch theimpeccablepackage from the NPM registry. This is a standard developer practice for running CLI tools without permanent global installation. - [REMOTE_CODE_EXECUTION]: Runtime execution of code from the NPM registry is triggered during technical quality checks. This is a functional requirement for the audit process.
- [SAFE]: Analysis of the skill's scripts and instructions revealed no evidence of prompt injection, data exfiltration to external domains, or unauthorized credential access. The tool's behavior is consistent with its stated goal of helping users design and polish frontend interfaces.
Audit Metadata