handoff
Pass
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill instructs the agent to use the standard
mktemputility to create secure temporary files for storing session handoff documents. This is a secure practice for managing ephemeral data on the filesystem.\n- [PROMPT_INJECTION]: The skill processes untrusted conversation history and user arguments to generate its summaries, which constitutes an indirect prompt injection surface. This is the primary intended function of the skill and poses minimal risk due to the lack of sensitive capabilities.\n - Ingestion points: Conversation history and user-supplied arguments from the
handoffcommand invocation.\n - Boundary markers: The instructions do not specify any delimiters or safety markers to isolate potentially malicious commands within the summarized text.\n
- Capability inventory: The skill has the ability to write to temporary file paths generated at runtime.\n
- Sanitization: No explicit sanitization or filtering of the ingested content is described before it is written to the handoff file.
Audit Metadata