summarize
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill relies on executing the
summarizecommand-line utility. It passes user-provided parameters such as URLs and local file paths directly to this tool. - [EXTERNAL_DOWNLOADS]: The installation process involves adding a third-party Homebrew tap (
steipete/tap/summarize) to download and install the necessary binary. - [PROMPT_INJECTION]: Because the skill is designed to ingest content from arbitrary external sources (web pages, PDFs, YouTube transcripts), it is exposed to indirect prompt injection risks. Malicious instructions embedded in the summarized content could attempt to override the agent's behavior during the summarization process.
Audit Metadata