iblai-notification
Pass
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches version metadata from PyPI and the GitHub API for the vendor's CLI tool. These operations utilize
curlto retrieve JSON data which is then parsed by a local Python string script. This is a standard and safe method for version checking and does not involve executing remote code. - [COMMAND_EXECUTION]: Instructs the agent to run project-related commands such as
npm run build,npm run test, and the vendor's own CLI tool (iblai add notifications). These are consistent with the skill's purpose for application development. - [SAFE]: The skill's behavior aligns with its documented purpose. All external resources, including npm/pypi packages and GitHub links, originate from the official vendor (iblai) or trusted public registries.
Audit Metadata