bmad-handoff
Pass
Audited by Gen Agent Trust Hub on Jun 20, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is designed for local data processing and follows the principle of least privilege by using only necessary file system tools. It extracts specific fields from story files and compiles them into a structured JSON manifest without executing the content. There are no indications of prompt injection, data exfiltration, or unauthorized command execution. The logic includes instructions for external tools to maintain data integrity, which is a positive security practice.
Audit Metadata