summarize
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- EXTERNAL_DOWNLOADS (MEDIUM): The skill installs the 'summarize' binary via a personal Homebrew tap 'steipete/tap/summarize'. This source is not on the trusted organizations list, meaning the code has not been vetted by a trusted entity.
- COMMAND_EXECUTION (LOW): The skill executes the 'summarize' CLI tool with arguments derived from user-supplied URLs and local file paths.
- PROMPT_INJECTION (LOW): The skill is susceptible to indirect prompt injection as it processes untrusted data from external URLs and YouTube transcripts. 1. Ingestion points: URL parameters and local file paths in 'SKILL.md'. 2. Boundary markers: None present in the instructions to prevent the model from obeying instructions found within the fetched content. 3. Capability inventory: Execution of an external binary that performs network operations and file reading. 4. Sanitization: None provided for the ingested content.
Audit Metadata