summarize
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the
telclaudeCLI tool to fetch and process content from external URLs. This operation is limited to the skill's primary purpose of summarization and does not involve arbitrary command execution. - [PROMPT_INJECTION]: The skill handles untrusted data from external websites, creating a surface for indirect prompt injection.
- Ingestion points: Extracted content from arbitrary URLs (articles, YouTube transcripts, etc.) enters the agent context via the
telclaude summarizecommand. - Boundary markers: The output format uses a clear
---delimiter to separate structured metadata from the potentially untrusted extracted content. - Capability inventory: The skill uses a specialized CLI tool for retrieval and does not have write access to the file system or environment beyond the temporary command execution.
- Sanitization: The tool extracts readable text/markdown, which provides a layer of structural validation against raw HTML injection.
Audit Metadata