handoff
Pass
Audited by Gen Agent Trust Hub on Jun 12, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a bundled shell script
scripts/workspace-id.shand standard git commands (git status,git diff,git rev-parse) to determine workspace metadata and current repository state. This execution is limited to local diagnostic information required for the skill's primary purpose. - [DATA_EXFILTRATION]: The skill processes file paths and repository metadata but contains no network transmission capabilities. It includes a mandatory redaction phase in the instructions to ensure that API keys, tokens, and credentials are removed from the generated handoff files before they are written to disk.
- [SAFE]: Data storage is restricted to a local directory (
~/.agents/handoffs/), and the logic incorporates security best practices by identifying and omitting secrets from the summarized output.
Audit Metadata