summarize
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill invokes a local 'summarize' binary with user-provided arguments, enabling it to process external URLs and local document paths.
- [EXTERNAL_DOWNLOADS]: Installation of the required tool is performed via a third-party Homebrew tap ('steipete/tap/summarize'), which involves downloading and installing external software.
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection because it processes untrusted data from external sources.
- Ingestion points: Data is ingested from external URLs, YouTube video transcripts, and local files (e.g., PDFs) using the 'summarize' tool.
- Boundary markers: No specific delimiters or safety instructions are defined in the skill's logic to isolate untrusted content from the agent's instructions.
- Capability inventory: The tool executes a local binary that performs network requests and reads local file system data.
- Sanitization: There is no evidence of content sanitization or validation of the extracted text before it is returned to the agent context.
Audit Metadata