impeccable
Warn
Audited by Gen Agent Trust Hub on Jun 23, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The script
scripts/live-copy-edit-agent.mjsis designed to execute thecodexCLI tool using the--dangerously-bypass-approvals-and-sandboxflag. This pattern allows an AI sub-process to modify project source code with its internal safety and approval mechanisms disabled. - [COMMAND_EXECUTION]: The skill uses shell command execution to manage its environment and gather context:
scripts/pin.mjscreates and writes new skill configuration files (SKILL.md) into the agent's hidden harness directories (such as.claude,.cursor, and.github) to install command shortcuts.- Various scripts use
execSyncandspawnto rungitcommands and othernodeprocesses for project analysis. - Scripts like
scripts/live-inject.mjsandscripts/live-wrap.mjsperform direct modifications to source code files and local environment configurations. - [PROMPT_INJECTION]: The live iteration feature in
scripts/live-poll.mjsingestssteerevents from a local helper server. These events contain amessagefield which the agent is explicitly instructed to interpret as design direction and execute, representing a surface for indirect prompt injection from the browser session. - [EXTERNAL_DOWNLOADS]: The skill performs network operations to external sources:
scripts/context.mjsfetches version information fromhttps://impeccable.styleto perform update checks.- The detector engine in
scripts/detector/engines/browser/detect-url.mjsuses Puppeteer to fetch and render content from arbitrary external URLs for analysis purposes.
Audit Metadata