iblai-component

SUSPICIOUS: mostly coherent developer-tooling guidance for ibl.ai app scaffolding, but it expands trust to a local token file, a mutable raw GitHub download, and transitive skill installation via `iblai add mcp`. No clear evidence of deliberate credential theft or malicious data routing is present, but the trust and scope are broader than a simple component guide.