handoff
Pass
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security vulnerabilities were detected. The skill performs routine developer tasks such as querying git state and GitHub issue information.
- [DATA_EXPOSURE]: The skill accesses local git history and GitHub PR/issue metadata. This is part of its core functionality to provide context for the next session and does not involve sensitive files (like SSH keys or credentials) or external exfiltration.
- [COMMAND_EXECUTION]: The skill uses shell commands (
git,gh,mktemp) for state discovery and file creation. These are standard tools used within their intended purpose for repository management. - [INDIRECT_PROMPT_INJECTION]: While the skill processes untrusted data from git logs and GitHub issues, it explicitly instructs the agent to reference these artifacts by URL or ID rather than copying their full content. This significantly reduces the surface area for injection attacks that might target the subsequent agent session.
Audit Metadata