iblai-vibe-agent-prompt
Pass
Audited by Gen Agent Trust Hub on Jul 7, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches a configuration template (
iblai.env) and brand guidelines (BRAND.md) from the official ibl.ai GitHub repository. These are standard resources required for the skill's functionality. - [COMMAND_EXECUTION]: Instructs the agent to execute standard development commands including
pnpm build,pnpm test,pnpm dev, andplaywright screenshotfor verification purposes. These commands are consistent with the skill's purpose of integrating UI components. - [PROMPT_INJECTION]: The
AgentPromptsTabcomponent features arenderPromptContentprop that allows rendering text as Markdown. This provides a potential surface for indirect prompt injection if the system prompts being displayed are sourced from untrusted users. This is an inherent risk of displaying user-controlled content as rich text and should be mitigated by content sanitization.
Audit Metadata