summarize
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the
summarizebinary via a third-party Homebrew tap (steipete/tap/summarize). This external source is not included in the trusted vendors list. - [COMMAND_EXECUTION]: The skill executes the
summarizecommand with arguments provided by the user, including URLs and file paths. This command is used to fetch and process data from external sources and the local filesystem. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes content from potentially untrusted sources like URLs and local files without sanitization.
- Ingestion points: Data is ingested from external URLs, YouTube transcripts, and local files (e.g., PDFs) via the
SKILL.mdinstructions. - Boundary markers: There are no explicit delimiters or instructions to the agent to ignore potentially malicious commands embedded within the fetched content.
- Capability inventory: The skill has the capability to execute commands (
summarize), access the network to fetch URL content, and read files from the local filesystem. - Sanitization: The skill does not define any sanitization or validation logic for the input data before it is processed by the summarization tool.
Audit Metadata