iblai-vibe-agent-memory
Pass
Audited by Gen Agent Trust Hub on Jul 7, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches an environment configuration template from the vendor's official GitHub repository (
github.com/iblai/vibe). This is a legitimate setup step for the vendor's SDK. - [COMMAND_EXECUTION]: Instructs the use of standard development tools and package managers (
pnpm,npm,npx) for installation, building, and verification (Playwright screenshots). These actions are limited to the local development environment and the current project context. - [DATA_EXFILTRATION]: No unauthorized data exfiltration detected. The skill references official ibl.ai REST API endpoints for managing agent memories, which is the stated purpose of the skill.
- [PROMPT_INJECTION]: No malicious instructions or bypass attempts were found. The instructions are focused on technical configuration and code implementation.
- [CREDENTIALS_UNSAFE]: References environment variables like
TOKENandPLATFORMin the context of aniblai.envfile. It correctly advises that sensitive runtime variables should remain in.env.local, following standard security practices.
Audit Metadata