iblai-vibe-agent-sandbox

Pass

Audited by Gen Agent Trust Hub on Jul 7, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill fetches brand assets, documentation, and configuration templates from the author's official GitHub repository (iblai/vibe). These are trusted resources required for the platform's functionality.
  • [COMMAND_EXECUTION]: The skill provides a shell helper, nemoclaw_run, which uses a subshell and redirection to capture and log command output within the sandbox. It also instructs the agent to use standard tools like pnpm, npm, and playwright for build and verification tasks.
  • [SAFE]: The skill includes explicit security guidelines for the agent to protect private data and environment secrets. It also provides a Node.js preload script designed to enforce security guards (such as seccomp and network policies) within the sandboxed environment.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 7, 2026, 01:01 PM
Security Audit — agent-trust-hub — iblai-vibe-agent-sandbox