teach-impeccable
Pass
Audited by Gen Agent Trust Hub on Apr 15, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill is designed for one-time project setup, reading common developer files like package.json and README.md to assist with design consistency.
- [PROMPT_INJECTION]: The skill presents an indirect injection surface because it ingests data from untrusted codebase files and incorporates it into persistent instruction files.
- Ingestion points: The skill reads various project files including README.md, package.json, and component source code.
- Boundary markers: The instructions do not define delimiters or specific markers to isolate ingested content from the system prompt.
- Capability inventory: The skill utilizes file read capabilities across the codebase and file write access to .impeccable.md and .github/copilot-instructions.md.
- Sanitization: There is no evidence of sanitization or filtering applied to the ingested content before it is persisted in configuration files.
Audit Metadata