iblai-vibe-ops-upgrade
Pass
Audited by Gen Agent Trust Hub on Jul 7, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches content from
raw.githubusercontent.com(a well-known service) for both the SDK and vibe skills CHANGELOG files. These resources are associated with the skill's author (iblai). - [COMMAND_EXECUTION]: The skill executes package management commands including
pnpm update,npm install, andnpx skills addto perform the upgrade. It also runspnpm typecheckandnode -pfor version detection and verification. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8).
- Ingestion points: Fetches external CHANGELOG data via
curlfrom GitHub inSKILL.md. - Boundary markers: None present; the external data is piped directly to the agent's context for summarization.
- Capability inventory: The skill has the ability to execute shell commands (
npm,pnpm,npx) and modify the local filesystem (package updates). - Sanitization: No sanitization or filtering is applied to the fetched text before the agent summarizes it.
Audit Metadata