summarize
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: Executes the 'summarize' CLI binary to perform summarization tasks based on user-provided arguments.
- [EXTERNAL_DOWNLOADS]: Recommends installing a binary from a third-party Homebrew tap ('steipete/tap/summarize') which is not on the trusted vendors list.
- [PROMPT_INJECTION]: Vulnerable to indirect prompt injection via processed URLs or local files.
- Ingestion points: External URLs and local file content passed as arguments in 'SKILL.md'.
- Boundary markers: Absent; no delimiters or instructions to ignore embedded commands are present in the skill definition.
- Capability inventory: The 'summarize' command reads local files and communicates with external LLM APIs (OpenAI, Anthropic, Google, etc.).
- Sanitization: No sanitization of ingested content is performed before being processed by the CLI tool.
Audit Metadata