iblai-test

Warn

Audited by Socket on Apr 14, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS: the testing purpose is coherent, and network/data flow stays mostly within the local app plus the stated ibl.ai login domain, but the skill unnecessarily asks for the user's real password and stores it in plaintext for automation. That credential-handling choice makes the skill higher risk than a normal testing guide even though it does not show clear malware or third-party exfiltration behavior.

Confidence: 91%Severity: 62%
Audit Metadata
Analyzed At
Apr 14, 2026, 09:35 PM
Package URL
pkg:socket/skills-sh/iblai%2Fvibe%2Fiblai-test%2F@1c0443a490787a88affa0d9fa898199d77b27f1a
Security Audit — socket — iblai-test