summarize
Warn
Audited by Snyk on Mar 5, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 1.00). The SKILL.md explicitly instructs the CLI to summarize arbitrary web URLs and YouTube links (e.g., "Summarize URLs or files" and examples like
summarize "https://example.com"and a YouTube link), meaning the agent fetches and interprets untrusted public third‑party content which could contain instructions that influence its behavior.
Audit Metadata