skills/adobe/skills/handover/Gen Agent Trust Hub

handover

Pass

Audited by Gen Agent Trust Hub on May 22, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches Playwright and the Chromium browser engine from official package registries to support browser-based authentication. This is a standard practice for automating web-based login flows in developer tools.
  • [COMMAND_EXECUTION]: Employs shell commands to navigate the project structure, verify project type (via scripts/aem.js), and manage local configuration. These operations are limited to the local project environment.
  • [DATA_EXFILTRATION]: Communicates with official Adobe domains (admin.hlx.page) to retrieve site configuration and perform authentication. The skill does not transmit sensitive data to unauthorized third-party services.
  • [CREDENTIALS_UNSAFE]: Manages session tokens by storing them in a .claude-plugin/ directory and automatically adding this path to .gitignore to prevent accidental inclusion in version control, following standard local secret management practices.
Audit Metadata
Risk Level
SAFE
Analyzed
May 22, 2026, 03:19 PM
Security Audit — agent-trust-hub — handover