vibe-connect-backend

Warn

Audited by Snyk on Mar 30, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.70). The SKILL.md explicitly says the backend supports "Datasets" including "crawl websites for agent training" and instructs creating AI agents/mentors in the iblai.app dashboard (SKILL.md "What the Backend Provides" and setup steps), which indicates the agent can ingest untrusted public web content that may materially influence agent behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.90). The skill by default connects at runtime to https://api.iblai.app to fetch AI agents/mentors (which include custom system prompts and tool configurations), so external content from that URL directly controls agent prompts and is a required dependency.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill explicitly lists "Billing | Stripe integration with subscription management and free trials" in its backend capabilities. This is a specific payment gateway integration (Stripe) and implies functionality to manage subscriptions/payments, which qualifies as direct financial execution authority under the Payment Gateways category.

Issues (3)

  • MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
  • MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
  • MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

Audit Metadata

Risk Level: MEDIUM
Analyzed: Mar 30, 2026, 02:07 PM
Issues: 3