iblai-vibe-agent-memory

Pass

Audited by Gen Agent Trust Hub on Jul 7, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches an environment configuration template from the vendor's official GitHub repository (github.com/iblai/vibe). This is a legitimate setup step for the vendor's SDK.
  • [COMMAND_EXECUTION]: Instructs the use of standard development tools and package managers (pnpm, npm, npx) for installation, building, and verification (Playwright screenshots). These actions are limited to the local development environment and the current project context.
  • [DATA_EXFILTRATION]: No unauthorized data exfiltration detected. The skill references official ibl.ai REST API endpoints for managing agent memories, which is the stated purpose of the skill.
  • [PROMPT_INJECTION]: No malicious instructions or bypass attempts were found. The instructions are focused on technical configuration and code implementation.
  • [CREDENTIALS_UNSAFE]: References environment variables like TOKEN and PLATFORM in the context of an iblai.env file. It correctly advises that sensitive runtime variables should remain in .env.local, following standard security practices.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 7, 2026, 01:01 PM
Security Audit — agent-trust-hub — iblai-vibe-agent-memory