summarize
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes the
summarizecommand-line utility to process local files and remote URLs. - [EXTERNAL_DOWNLOADS]: Installs the
summarizebinary using the Homebrew package manager from a developer-maintained repository (steipete/tap/summarize). - [DATA_EXFILTRATION]: Performs network operations to fetch content from external websites and YouTube for summarization, which is the primary intended function of the tool.
- [PROMPT_INJECTION]: The skill processes untrusted external data which presents a surface for indirect prompt injection. 1. Ingestion points: Data is retrieved from arbitrary URLs, local PDF/image/audio files, and YouTube links (SKILL.md). 2. Boundary markers: None explicitly defined within the skill instructions to separate remote content from agent instructions. 3. Capability inventory: Execution of the
summarizeshell command and subsequent LLM processing of the returned text (SKILL.md). 4. Sanitization: No sanitization or filtering of the fetched content is described.
Audit Metadata