VibeSafe — Security Pre-Flight for AI Coding Agents
ReviewAudited by ClawScan on May 10, 2026.
Overview
Prompt-injection indicators were detected in the submitted artifacts (system-prompt-override); human review is required before treating this skill as clean.
This skill is reasonable for dependency security checks. Before installing, be comfortable with the agent running audit commands and public vulnerability lookups, approve any local package installation, review external scripts mentioned in the README before executing them, and treat stay_safe.md as a time-limited audit note rather than a permanent safety guarantee. ClawScan detected prompt-injection indicators (system-prompt-override), so this skill requires review even though the model response was benign.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the skill text were later modified or sourced from an untrusted location, it could strongly steer the agent's behavior.
Putting a skill file into a system prompt elevates its instructions above normal user/context text. In this artifact it is disclosed as Kimi integration guidance, not hidden behavior.
For Kimi, prepend the skill file to your system prompt:
Only add reviewed, trusted skill text to a system prompt, and avoid combining it with untrusted project content.
Dependency names and repository identifiers may be sent to OSV.dev, GitHub, or deps.dev during audits.
The skill instructs the agent to run audit tools and query public vulnerability services. This is expected for dependency auditing, but it is still agent-driven tool use.
Run these checks. Use real tools when available. Always run at least the OSV API check
Use the skill when external vulnerability lookups are acceptable, and avoid sending confidential private package names to public services unless approved.
The agent could modify the Python environment by installing pip-audit before running a scan.
The skill may install and run a Python audit package if it is missing. That local environment change is purpose-aligned but should not be surprising.
pip show pip-audit > /dev/null 2>&1 || pip install pip-audit --quiet
Prefer a virtual environment or user-scoped install, and require confirmation before package installation if you do not want the agent changing your environment.
Following the README quick start could execute code that was not included in this review.
The README documents running helper scripts from an external repository, while the reviewed OpenClaw artifact contains no code files for those scripts.
git clone https://github.com/nerua1/vibe-safe ... chmod +x tools/audit.sh ... ./tools/audit.sh /path/to/your/project
Review or pin the external repository and inspect tools/audit.sh before running it; the instruction-only skill itself does not include that script.
A stale or incorrectly generated stay_safe.md could cause future reviewers or agents to over-trust old audit results.
The skill creates a persistent repository artifact intended to influence future human and agent decisions.
This certificate can be committed to your repo. It tells reviewers and future AI agents: "these dependencies were vetted."
Treat stay_safe.md as time-limited evidence, re-run audits after dependency changes, and do not treat the certificate as a permanent security guarantee.