summarize
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the 'summarize' utility from a third-party Homebrew tap (steipete/tap/summarize). While common for CLI tools, this creates a dependency on an external repository that is not part of the trusted vendors list.
- [COMMAND_EXECUTION]: The skill executes the 'summarize' binary to process user-provided URLs and file paths. This is the primary function of the skill, and the tool uses various flags and environment variables for its operation.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it processes untrusted data from external sources.
  - Ingestion points: The skill ingests content from arbitrary URLs, local files (e.g., PDFs), and YouTube transcripts via the 'summarize' command.
  - Boundary markers: No specific boundary markers or instructions to ignore embedded commands are present in the skill's instructions to the agent.
  - Capability inventory: The skill executes a binary with network and filesystem access capabilities as part of its normal operation.
  - Sanitization: There is no evidence of sanitization or filtering of the content retrieved from external sources before it is returned to the agent's context.
Audit Metadata