summarize
Warn
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, CREDENTIALS_UNSAFE, PROMPT_INJECTION, DATA_EXFILTRATION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires installation from a third-party Homebrew tap ('steipete/tap/summarize') which is not an officially trusted vendor repository.
- [COMMAND_EXECUTION]: The skill executes the 'summarize' binary with user-provided arguments, allowing for local file access and URL processing via shell commands.
- [CREDENTIALS_UNSAFE]: The skill instructs the user to provide multiple sensitive API keys (OpenAI, Anthropic, xAI, Google, Firecrawl, and Apify) as environment variables.
- [DATA_EXFILTRATION]: The skill reads local files (e.g., PDF) and transmits content to external AI service providers for summarization.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to the processing of untrusted content from the web and video transcripts.
  - Ingestion points: Data is ingested from web URLs, YouTube transcripts, and local file paths (SKILL.md).
  - Boundary markers: No explicit delimiters or system instructions to ignore embedded commands are present in the CLI usage or metadata.
  - Capability inventory: The skill executes a local binary with network access and the ability to read the local filesystem (SKILL.md).
  - Sanitization: No evidence of input validation or output sanitization is provided in the skill documentation.
Audit Metadata