Skills
skills/iblai/vibe/iblai-auth/Gen Agent Trust Hub

iblai-auth

Pass

Audited by Gen Agent Trust Hub on Apr 1, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to run various installation and configuration commands using standard development tools like git, pip, npm, pnpm, and the vendor-specific iblai CLI. These actions are within the scope of the skill's intended purpose.
  • [EXTERNAL_DOWNLOADS]: The skill references downloads for CLI tools and software packages from well-known registries (npm, PyPI) and the vendor's official GitHub repository.
  • [REMOTE_CODE_EXECUTION]: The skill includes commands that pipe data from the PyPI and GitHub APIs to Python. Technical analysis confirms these commands are used only to parse JSON metadata to display the current version string and do not execute remote code.
  • [DATA_EXFILTRATION]: The skill asks the user to provide a tenant key, which is used to configure the application's environment variables. This key is stored in a local .env.local file, following standard development practices for local secret management.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 1, 2026, 09:00 PM