iblai-vibe-agent-chat

Fail

Audited by Snyk on Jul 7, 2026

Risk Level: CRITICAL
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). The skill instructs the agent to ask the user for their agent/mentor UUID and to write it directly into .env.local (embedding user-provided secret/identifier verbatim into generated file output), which requires the LLM to handle and output a secret-like value directly.

CRITICAL E006: Malicious code pattern detected in skill scripts.

  • Malicious code pattern detected (high risk: 0.90). This code deliberately sends the host page's entire localStorage (including auth tokens) to a third-party iframe/hosted mentor UI via postMessage and calls redirectToAuthSPA to deliver credentials, which constitutes intentional credential exposure/data exfiltration risk.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.90). The legacy chat widget dynamically imports @iblai/iblai-web-mentor and imperatively creates a element that loads an external iframe at https://mentorai.iblai.app (mentorai.{domain}) and receives auth tokens via postMessage, so remote code/content is fetched and executed at runtime (assets/chat-widget.tsx.j2 lines 6-8, 55, 116-126, 130-141; SKILL.md lines 118-119).

Issues (3)

W007
HIGH

Insecure credential handling detected in skill instructions.

E006
CRITICAL

Malicious code pattern detected in skill scripts.

W012
MEDIUM

Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata
Risk Level
CRITICAL
Analyzed
Jul 7, 2026, 01:01 PM
Issues
3
Security Audit — snyk — iblai-vibe-agent-chat