skills/bmal/skills/handoff/Gen Agent Trust Hub

handoff

Pass

Audited by Gen Agent Trust Hub on May 12, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill instructs the agent to use the standard mktemp utility to create secure temporary files for storing session handoff documents. This is a secure practice for managing ephemeral data on the filesystem.\n- [PROMPT_INJECTION]: The skill processes untrusted conversation history and user arguments to generate its summaries, which constitutes an indirect prompt injection surface. This is the primary intended function of the skill and poses minimal risk due to the lack of sensitive capabilities.\n
  • Ingestion points: Conversation history and user-supplied arguments from the handoff command invocation.\n
  • Boundary markers: The instructions do not specify any delimiters or safety markers to isolate potentially malicious commands within the summarized text.\n
  • Capability inventory: The skill has the ability to write to temporary file paths generated at runtime.\n
  • Sanitization: No explicit sanitization or filtering of the ingested content is described before it is written to the handoff file.
Audit Metadata
Risk Level
SAFE
Analyzed
May 12, 2026, 10:59 AM