iblai-invites
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill generates
curlcommands to perform API requests for listing and creating user invitations.- [DATA_EXFILTRATION]: Outbound requests are directed to the vendor's authorized domain (api.iblai.app). The use of environment variables for API keys follows secure development practices.- [PROMPT_INJECTION]: The skill's ability to process CSV data for bulk invites introduces an indirect prompt injection surface. The inclusion of a mandatory user confirmation step before sending invites mitigates this risk.
Audit Metadata