get-tldr
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a significant surface for indirect prompt injection. In
SKILL.md, the agent is strictly instructed to take the entire 'summary' property from the external API response and return it without any further summarization or modification. This 'do not alter' instruction increases the risk that the agent will obey malicious instructions hidden within a summarized website's content. - Ingestion points: Untrusted data enters the agent context via the
summarizefunction inget_tldr.py, which fetches data fromhttps://www.get-tldr.com/api/v1/summarize. - Boundary markers: There are no boundary markers or instructions telling the agent to ignore instructions embedded in the summary content.
- Capability inventory: The agent's primary capability is reading and displaying the summary, which could include instructions designed to mislead the user or the agent.
- Sanitization: No sanitization or safety filtering is performed on the text returned by the API.
- [EXTERNAL_DOWNLOADS]: The script
get_tldr.pyrequires therequestslibrary and communicates withget-tldr.comto perform its core functionality. It also maintains a local log file at~/.config/get-tldr/skill.logthat records every URL processed and the corresponding summary response.
Audit Metadata