Skills
skills/supercent-io/skills-template/vibe-kanban/Gen Agent Trust Hub

vibe-kanban

Pass

Audited by Gen Agent Trust Hub on Mar 7, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill invokes npx vibe-kanban, which dynamically retrieves the application from the npm registry. It also references remote endpoints at https://api.vibekanban.com and https://vibekanban.online for remote connectivity and status updates.
  • [COMMAND_EXECUTION]: Shell scripts are used to manage the git environment and local configurations. The scripts/mcp-setup.sh script modifies the user's home directory configuration files for Claude (~/.claude/claude_desktop_config.json) and Codex (~/.codex/config.toml) to enable the MCP server integration. scripts/cleanup.sh uses git worktree and git branch commands to maintain workspace hygiene.
  • [REMOTE_CODE_EXECUTION]: The MCP integration is configured to execute npx vibe-kanban --mcp, resulting in the execution of code fetched at runtime from the npm registry.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface (Category 8) due to its role in orchestrating agent actions based on task descriptions.
  • Ingestion points: Task descriptions are ingested via the Kanban board UI (SKILL.md) and the vk_create_card MCP tool (mcp-api.md).
  • Boundary markers: Absent; there are no explicit delimiters or safety instructions in the configuration scripts to isolate or ignore instructions within task metadata.
  • Capability inventory: The skill spawns CLI-based AI agents (claude, gemini, etc.), manages the local file system via git worktree, and executes system commands via npx.
  • Sanitization: No input sanitization is performed within the provided shell scripts, delegating safety to the underlying agents' internal guardrails.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 7, 2026, 07:04 AM