summarize
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires installing the 'summarize' CLI tool from a third-party Homebrew tap ('steipete/tap/summarize').
- [COMMAND_EXECUTION]: The skill runs the 'summarize' tool as a subprocess to handle various file types and URLs provided by the user.
- [PROMPT_INJECTION]: The skill creates an indirect prompt injection surface by ingesting and processing untrusted data from external sources. \n- Ingestion points: Untrusted text from URLs and video transcripts is processed by the skill as described in the SKILL.md documentation. \n- Boundary markers: The skill does not implement boundary markers or specific guards to prevent the LLM from following instructions embedded within the summarized content. \n- Capability inventory: The 'summarize' binary performs network requests to LLM provider APIs and reads local system files. \n- Sanitization: No sanitization or validation of external content is performed before processing by the LLM.
Audit Metadata