handoff
Pass
Audited by Gen Agent Trust Hub on Jul 14, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill summarizes conversation history, which acts as a source of untrusted data and represents an indirect prompt injection surface. 1. Ingestion points: Current conversation history processed in SKILL.md. 2. Boundary markers: None provided to distinguish untrusted history from the summary task. 3. Capability inventory: File-write capability to the operating system's temporary directory. 4. Sanitization: The skill explicitly instructs the agent to redact sensitive information such as API keys and passwords, though it does not explicitly filter for embedded instructions.
Audit Metadata