handoff
Pass
Audited by Gen Agent Trust Hub on Jun 18, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to run common development CLI tools like git and gh (GitHub CLI) to capture the current repository state, such as the current branch, commit hash, and open pull requests. These commands are legitimate for the skill's purpose of documenting project status.
- [SAFE]: The skill specifically includes a requirement for the agent to redact secrets and personally identifiable information (PII) before saving the handoff document, which is a security best practice for data protection.
- [SAFE]: The practice of saving handoff documents to the OS temporary directory rather than the workspace minimizes the risk of polluting the project repository with temporary or intermediate artifacts.
Audit Metadata