skills/ori-kim/cli-proxy/clip/Gen Agent Trust Hub

clip

Pass

Audited by Gen Agent Trust Hub on May 9, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes a local utility capable of executing shell commands and scripts through defined targets (e.g., using clip add <name> --stdio <cmd>). This is a core feature of the proxy for managing tool access.
  • [EXTERNAL_DOWNLOADS]: The skill provides functionality to connect to and fetch data from external remote endpoints, including MCP servers, OpenAPI specifications, and GraphQL/gRPC APIs.
  • [PROMPT_INJECTION]: As the skill routes and processes data from various external sources (APIs and CLI outputs), it possesses an attack surface for indirect prompt injection where untrusted data could influence agent behavior.
      • Ingestion points: Data is ingested from external API responses and CLI tool outputs processed by the clip gateway.
      • Boundary markers: No explicit boundary markers or instructions to ignore embedded commands within tool outputs are defined in the provided documentation.
      • Capability inventory: The agent can execute shell commands via stdio or cli targets and perform network operations via REST, GraphQL, SSE, or gRPC targets.
      • Sanitization: The documentation does not specify sanitization or validation routines for the data received from external targets.
Audit Metadata
Risk Level: SAFE
Analyzed: May 9, 2026, 05:25 PM