iblai-agent-api

Warn

Audited by Socket on May 20, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS: the core purpose is coherent with a UI integration skill, but the footprint is broader than necessary due to unpinned CLI upgrades, mutable GitHub raw downloads, and reliance on additional external tooling/setup. No clear credential harvesting or exfiltration is present, so this looks more like medium supply-chain and execution-trust risk than malware.

Confidence: 82%Severity: 57%
Audit Metadata
Analyzed At
May 20, 2026, 01:40 PM
Package URL
pkg:socket/skills-sh/iblai%2Fvibe%2Fiblai-agent-api%2F@235c7f524a4e1e652b813c7a0c97374c2b208f14
Security Audit — socket — iblai-agent-api