Skills
skills/vamdawn/ai-forge/content-summarizer/Gen Agent Trust Hub

content-summarizer

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes python3 to run a classification script (scripts/detect_content_type.py) and uses the GitHub CLI (gh) to retrieve repository details.
  • [EXTERNAL_DOWNLOADS]: Content is downloaded from various external platforms, including GitHub, Reddit, Hacker News, and Twitter/X, using curl, WebFetch, and agent-browser.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes untrusted content from the web.
  • Ingestion points: Arbitrary content is fetched from URLs provided by the user and processed in Step 1 and 2.
  • Boundary markers: The prompt instructions do not include specific delimiters or guidelines to ignore embedded instructions in the fetched content.
  • Capability inventory: The skill allows for file system modification (Write, Edit) and network communication (curl, agent-browser).
  • Sanitization: No explicit sanitization or filtering is performed on the scraped content prior to processing.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 10, 2026, 02:01 PM