iblai-vibe-ops-deploy
Pass
Audited by Gen Agent Trust Hub on Jul 7, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill executes various shell commands to build and deploy applications, such as
pnpm buildandnpx vercel deploy. These are standard for development and deployment workflows. - [EXTERNAL_DOWNLOADS]: The skill uses
npxto fetch and run the Vercel CLI. This is a standard practice for using up-to-date deployment tooling from a well-known service (Vercel). - [CREDENTIALS_UNSAFE]: The skill manages a
VERCEL_TOKEN. It provides instructions for users to manually set this token in an environment file (iblai.env) or prompts for it if missing. This follows standard local secret management practices rather than hardcoding credentials. - [DATA_EXFILTRATION]: While the skill transmits environment variables from
.env.localto Vercel, this is a documented and primary function of the skill (syncing project configuration to the hosting provider). No unauthorized data exfiltration was detected.
Audit Metadata