summarize-skill

Pass

Audited by Gen Agent Trust Hub on Mar 13, 2026

Risk Level: SAFE [PROMPT_INJECTION]
Full Analysis
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because its core function involves ingesting untrusted data from the public internet.
  • Ingestion points: The summarize.py script uses the requests library to fetch content from user-provided URLs.
  • Boundary markers: The skill does not implement delimiters or 'ignore instructions' warnings when presenting the fetched content to the agent, which could allow a malicious webpage to influence the agent's behavior.
  • Capability inventory: The skill has network access and local file system write permissions for its caching mechanism located in the user's home directory.
  • Sanitization: There is no sanitization or instruction filtering performed on the retrieved text before it is summarized and returned to the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 13, 2026, 11:36 PM