handoff-memory
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill's Python scripts execute local git and whoami commands to retrieve repository status and system information. In scripts/handoff_lib.py, the run_git and current_user functions use subprocess.run to call git -C and whoami respectively. These calls are made using list-style arguments without shell=True, preventing shell injection. The arguments passed are controlled by internal logic or validated CLI parameters.
- [SAFE]: The skill operates entirely on the local file system within the user's specified project or workspace root. All file operations in scripts/handoff_lib.py, scripts/create_handoff.py, and the other scripts use pathlib and are restricted to the repository or workspace paths. No network operations or remote code execution patterns were found in the codebase. The skill includes logic in scripts/handoff_lib.py (foreign_absolute_paths) to detect and warn about absolute paths outside the project root, promoting data portability and security awareness.
Audit Metadata