iblai-vibe-agent-sandbox
Audited by Socket on Jul 7, 2026
3 alerts found:
Anomalyx3SUSPICIOUS. The core capability matches the stated purpose and the main SDK/install sources appear same-org and legitimate, so this is not malware-like. However, the skill expands trust through transitive skill usage and unpinned download/execute patterns, making it a medium-risk developer workflow rather than a cleanly self-contained benign skill.
This module is primarily a sandbox/security bootstrap that dynamically requires guard modules from an environment-influenced directory and uses logging plus a fail-closed exit when critical guards fail to load. No direct malicious behaviors (exfiltration, reverse shell, or cryptomining) are evident in the fragment itself, but the dynamic require-from-GUARD_DIR approach is high-impact: without integrity verification and with GUARD_DIR defaulting to '/tmp', an attacker who can tamper with the directory or environment can potentially achieve arbitrary code execution. Security risk therefore hinges on strict control of GUARD_DIR and the guard files’ integrity/permissions.
This snippet is a sandbox wrapper that logs command stdout/stderr to disk and forces Node processes to preload /sandbox/.nemoclaw-preload.js via NODE_OPTIONS. It does not itself contain explicit malware behaviors (no network/exfiltration/credential theft visible), but it introduces high-impact control points: eval-based dynamic command execution and a broad, session-wide Node preload mechanism whose safety depends entirely on the external preload module. Additionally, persistent logging can capture sensitive output at rest. Overall, security risk is moderate-to-high and should be reviewed with the preload module and the command-input control/sanitization strategy.