iblai-vibe-agent-prompt

Pass

Audited by Gen Agent Trust Hub on Jul 7, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches a configuration template (iblai.env) and brand guidelines (BRAND.md) from the official ibl.ai GitHub repository. These are standard resources required for the skill's functionality.
  • [COMMAND_EXECUTION]: Instructs the agent to execute standard development commands including pnpm build, pnpm test, pnpm dev, and playwright screenshot for verification purposes. These commands are consistent with the skill's purpose of integrating UI components.
  • [PROMPT_INJECTION]: The AgentPromptsTab component features a renderPromptContent prop that allows rendering text as Markdown. This provides a potential surface for indirect prompt injection if the system prompts being displayed are sourced from untrusted users. This is an inherent risk of displaying user-controlled content as rich text and should be mitigated by content sanitization.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 7, 2026, 01:01 PM
Security Audit — agent-trust-hub — iblai-vibe-agent-prompt