impeccable
Warn
Audited by Gen Agent Trust Hub on Apr 15, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute a Node.js script located at .agents/skills/impeccable/scripts/cleanup-deprecated.mjs. This script performs recursive file and directory deletions across multiple potential agent harness directories.
- [COMMAND_EXECUTION]: The skill includes a self-modification instruction that tells the agent to delete a specific block of text from its own SKILL.md file after running the cleanup script. This action conceals the trigger for the automated command execution.
- [PROMPT_INJECTION]: The craft mode accepts user-provided feature descriptions as input for code generation, creating an attack surface for indirect prompt injection.
- Ingestion points: User input provided to the /impeccable craft command as a feature description (SKILL.md).
- Boundary markers: Absent. The skill does not provide delimiters or instructions to treat user input as data rather than instructions.
- Capability inventory: The agent can execute local scripts (cleanup-deprecated.mjs) and perform file system operations like writing and deleting files.
- Sanitization: Absent. There is no validation or filtering of the user's feature description before it is processed.
Audit Metadata