summarize

Pass

Audited by Gen Agent Trust Hub on Jun 23, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill automates the installation of the summarize CLI utility using the Homebrew package manager from a third-party repository (steipete/tap/summarize).
  • [COMMAND_EXECUTION]: The agent is instructed to invoke the summarize command to process various user-provided inputs including URLs and local file paths.
  • [PROMPT_INJECTION]: The skill ingests and processes content from external, untrusted sources such as web URLs and local files, which creates a potential surface for indirect prompt injection.
  • Ingestion points: Data enters the agent's context through content extracted from URLs and local files passed to the summarize command.
  • Boundary markers: The instructions do not specify the use of delimiters or 'ignore' instructions for the external content being processed.
  • Capability inventory: The skill utilizes shell command execution to run the summarize tool, which performs network requests and file reads.
  • Sanitization: No explicit sanitization or validation of the summarized content is defined in the skill logic.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 23, 2026, 06:07 AM
Security Audit — agent-trust-hub — summarize