skills/iblai/vibe/iblai-vibe-scaffold/Gen Agent Trust Hub

iblai-vibe-scaffold

Pass

Audited by Gen Agent Trust Hub on Jul 7, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The generated project templates include Windows-specific build scripts in package.json that execute PowerShell with the ExecutionPolicy Bypass flag for tasks such as MSIX packaging and test certificate setup.
  • [EXTERNAL_DOWNLOADS]: The scaffolded applications are configured to fetch numerous dependencies from the NPM registry, including standard framework libraries (Next.js, React) and vendor-specific SDKs from the @iblai scope.
  • [EXTERNAL_DOWNLOADS]: The .mcp.json template configures development tools to be executed via pnpm dlx and npx, which involves downloading and running packages from the NPM registry at runtime.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 7, 2026, 01:01 PM
Security Audit — agent-trust-hub — iblai-vibe-scaffold