Skills
skills/getpaseo/paseo/paseo-handoff/Gen Agent Trust Hub

paseo-handoff

Pass

Audited by Gen Agent Trust Hub on May 2, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted user input via the $ARGUMENTS variable to construct a briefing for a second agent. This creates an indirect prompt injection surface where instructions hidden in the user's task description could influence the behavior of the receiving agent.
  • Ingestion points: User-supplied input in the $ARGUMENTS variable referenced in SKILL.md.
  • Boundary markers: The handoff prompt uses Markdown headers such as ## Task and ## Context to structure the briefing, which provides logical separation but no explicit instruction to the receiving agent to ignore potentially malicious embedded content.
  • Capability inventory: The skill uses the paseo orchestration tool to spawn and initialize new agents with project context.
  • Sanitization: There is no evidence of sanitization or filtering of user-provided task descriptions before they are passed to the next agent.
Audit Metadata
Risk Level
SAFE
Analyzed
May 2, 2026, 08:17 AM