skills/iblai/vibe/iblai-vibe-deslop/Gen Agent Trust Hub

iblai-vibe-deslop

Pass

Audited by Gen Agent Trust Hub on Jul 7, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill implements a robust two-phase workflow that prioritizes human oversight. Phase 1 (Audit) generates a structured report, and Phase 2 (Fix) is only initiated after the user reviews and approves the findings.
  • [SAFE]: Included helper scripts (scan_dead_code.sh, scan_dependencies.sh, scan_patterns.sh) use standard UNIX utilities like find, grep, and awk to perform local analysis of the target codebase. No network exfiltration or suspicious system calls were detected.
  • [SAFE]: The skill provides strict 'Fix Guardrails' that prevent the agent from altering business logic, changing API contracts, or installing dependencies without permission. This maintains the integrity of the user's project.
  • [SAFE]: Indirect prompt injection risks are effectively mitigated through the use of safety-tiered fix ordering and the requirement for characterization tests to ensure functional preservation during hardening.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 7, 2026, 01:01 PM
Security Audit — agent-trust-hub — iblai-vibe-deslop