summarize
Warn
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the `summarize` binary from a third-party Homebrew tap (`steipete/tap/summarize`) which is not on the trusted vendor list.
- [PROMPT_INJECTION]: The skill processes untrusted external data (URLs, YouTube transcripts, and local files), creating a surface for indirect prompt injection.
- Ingestion points: Content is ingested from external URLs, YouTube video metadata/transcripts, and local file paths as described in `SKILL.md`.
- Boundary markers: There are no specific delimiters or instructions provided to the agent to treat the ingested content as data rather than instructions.
- Capability inventory: The skill utilizes a CLI tool capable of network access (fetching URLs) and file system reads.
- Sanitization: No sanitization or filtering mechanisms for the ingested data are defined in the skill configuration.
Audit Metadata