llava
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS] (SAFE): The skill references the official LLaVA GitHub repository (
haotian-liu/LLaVA) and models from Hugging Face (liuhaotian/llava-v1.5-7b). These are well-known, high-reputation sources in the AI community. - [COMMAND_EXECUTION] (SAFE): The shell commands provided are standard installation and execution commands (
pip install,python -m llava.serve.cli,bash scripts/...). These are necessary for the skill's purpose and do not perform any hidden or suspicious actions. - [REMOTE_CODE_EXECUTION] (SAFE): While the skill involves cloning a repository and running Python scripts, the code is from a trusted source and is typical for implementing local vision-language models.
- [DATA_EXFILTRATION] (SAFE): No network exfiltration or unauthorized file access patterns were detected. All network activity is directed toward established repositories for model and code fetching.
- [PROMPT_INJECTION] (SAFE): The provided conversation templates and instruction-following examples follow standard practices and do not contain any instructions intended to bypass safety filters or override agent constraints.
Audit Metadata