summarize
Pass
Audited by Gen Agent Trust Hub on May 18, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill references an external CLI utility ('summarize') recommended for installation via Homebrew from a developer repository.
- [COMMAND_EXECUTION]: The core logic involves executing shell commands using the 'summarize' binary to process user-input URLs or file system paths.
- [CREDENTIALS_UNSAFE]: Documentation provides standard instructions for configuring API keys using local environment variables, avoiding hardcoded secrets.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its core function of processing untrusted data.
- Ingestion points: Content is fetched and processed from arbitrary URLs and file paths provided as arguments to the 'summarize' command in SKILL.md.
- Boundary markers: No explicit boundary markers or 'ignore' instructions are used to delimit the summarized content from agent instructions.
- Capability inventory: The skill performs shell command execution using the 'summarize' binary.
- Sanitization: No sanitization or filtering of the processed content is specified in the instruction set.
Audit Metadata