clip

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Tags: EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • External Downloads (LOW): The skill instructs the user to install the CLIP package directly from a remote Git repository with pip install git+https://github.com/openai/CLIP.git. This is an external download of executable code. Because the source is a trusted GitHub organization (OpenAI), the severity is downgraded to LOW under the trusted-source policy. Note that the command pins neither a tag nor a commit, so what is installed is whatever the repository's default branch contains at install time; appending @<commit> to the URL (pip's VCS ref syntax) would make the install reproducible.
  • Indirect Prompt Injection (LOW): The skill is designed to ingest and process untrusted data (images and text labels) through its vision-language model.
  • Ingestion points: Image.open() and clip.tokenize() are used to ingest external files and strings in SKILL.md and applications.md.
  • Boundary markers: Absent; there are no instructions to the agent to ignore potential adversarial commands embedded in the processed data.
  • Capability inventory: The provided scripts only perform classification, embedding generation, and printing. There are no subprocess calls, file writes, or network operations triggered by the model's output.
  • Sanitization: Absent; the content is passed directly to the model for inference.
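The capability inventory described above can be reproduced mechanically. The following is an added example, not part of the audit or of the skill's own code: a Python AST scan that lists the ingestion points named in the audit (Image.open, clip.tokenize) and flags subprocess, network and file-write sinks that model output could reach. The two script snippets are constructed for illustration (the first mirrors the kind of classification script the audit describes, the second adds sinks the audit says are absent); the sink list is an assumption and covers only direct calls by dotted name, so wrappers such as Path.write_text or dynamic imports would not be caught.

```python
"""Static capability inventory for an agent skill's Python scripts (added example)."""
import ast

# Assumed sink list: calls whose presence means model output could reach the OS,
# the network or the filesystem. Matched by exact dotted name or dotted prefix.
SINK_PREFIXES = {
    "subprocess": "subprocess",
    "os.system": "subprocess",
    "os.popen": "subprocess",
    "requests": "network",
    "urllib": "network",
    "socket": "network",
    "httpx": "network",
}
# Ingestion points named in the audit: where untrusted bytes/strings enter the model.
INGESTION = {"Image.open", "clip.tokenize"}


def _dotted(node):
    """Return 'a.b.c' for an Attribute/Name chain such as clip.tokenize, else None."""
    parts = []
    while isinstance(node, ast.Attribute):
        parts.append(node.attr)
        node = node.value
    if isinstance(node, ast.Name):
        parts.append(node.id)
        return ".".join(reversed(parts))
    return None


def _open_mode(call):
    """Extract the literal mode of a builtin open() call, if any."""
    mode = None
    if len(call.args) >= 2 and isinstance(call.args[1], ast.Constant):
        mode = call.args[1].value
    for kw in call.keywords:
        if kw.arg == "mode" and isinstance(kw.value, ast.Constant):
            mode = kw.value.value
    return mode


def inventory(source):
    """Return {category: [(dotted_name, lineno), ...]} for one script's source text."""
    tree = ast.parse(source)
    found = {"ingestion": [], "subprocess": [], "network": [], "file_write": []}
    for node in ast.walk(tree):
        if not isinstance(node, ast.Call):
            continue
        name = _dotted(node.func)
        if name is None:
            continue
        if name in INGESTION:
            found["ingestion"].append((name, node.lineno))
            continue
        if name == "open":
            mode = _open_mode(node)
            # Only write/append/create/update modes count as a file-write sink.
            if isinstance(mode, str) and any(c in mode for c in "wax+"):
                found["file_write"].append((name, node.lineno))
            continue
        for prefix, kind in SINK_PREFIXES.items():
            if name == prefix or name.startswith(prefix + "."):
                found[kind].append((name, node.lineno))
                break
    # Sort by line so the report order does not depend on ast.walk's traversal order.
    return {k: sorted(v, key=lambda t: t[1]) for k, v in found.items()}


def has_output_sinks(inv):
    """True if any sink that could be driven by model output is present."""
    return any(inv[k] for k in ("subprocess", "network", "file_write"))


# Constructed sample: a classification script of the kind the audit describes.
BENIGN = '''
import torch, clip
from PIL import Image
model, preprocess = clip.load("ViT-B/32")
image = preprocess(Image.open("photo.jpg")).unsqueeze(0)
text = clip.tokenize(["a dog", "a cat"])
with torch.no_grad():
    logits, _ = model(image, text)
print(logits.softmax(dim=-1))
'''

# Constructed sample: same ingestion points, but the result drives a process and a file write.
UNSAFE = '''
import subprocess, clip
from PIL import Image
labels = clip.tokenize(open("labels.txt").read().splitlines())
best = "a cat"
subprocess.run(["say", best])
with open("result.txt", "w") as f:
    f.write(best)
'''

if __name__ == "__main__":
    for label, src in (("benign", BENIGN), ("unsafe", UNSAFE)):
        inv = inventory(src)
        print(label, "sinks reachable from model output:", has_output_sinks(inv))
        for category, hits in inv.items():
            for name, line in hits:
                print(f"  {category:<10} {name} (line {line})")
```

Run it on each script shipped with a skill; a script whose inventory reports ingestion points but no sinks matches the "classification, embedding generation, and printing" finding above, while any non-empty subprocess, network or file_write list is the point at which missing boundary markers and sanitization start to matter.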
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 06:19 PM