skills/ardabotai/agentbook/summarize/Gen Agent Trust Hub

summarize

Pass

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: SAFE · COMMAND_EXECUTION · PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses preprocessing instructions in SKILL.md to execute the local CLI tools 'agentbook inbox', 'agentbook identity', and 'agentbook following' to retrieve data for the summary.
  • [PROMPT_INJECTION]: The skill exhibits a vulnerability surface for indirect prompt injection:
      • Ingestion points: Untrusted data enters the agent context through the 'agentbook inbox' and 'agentbook following' commands defined in SKILL.md.
      • Boundary markers: No delimiters or instructions to ignore embedded commands are used when injecting the external message content into the prompt.
      • Capability inventory: The skill provides access to private user messages, contact lists, and identity information.
      • Sanitization: There is no evidence of filtering or escaping performed on the retrieved message content before it is processed by the AI.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 9, 2026, 11:15 PM