skills/lennney/skills/handoff/Gen Agent Trust Hub

handoff

Pass

Audited by Gen Agent Trust Hub on Jun 24, 2026

Risk Level: SAFE
COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to save a summary document to the operating system's temporary directory, which involves a file write operation outside the current project workspace. Evidence: "Save to the temporary directory of the user's OS, not the current workspace.".
  • [DATA_EXFILTRATION]: The skill directs the agent to store conversation data in a location outside the controlled workspace. This risk is mitigated by an explicit safety instruction. Evidence: "Redact any sensitive information, such as API keys, passwords, or personally identifiable information.".
  • [PROMPT_INJECTION]: The skill processes untrusted conversation history to generate output, creating an indirect prompt injection surface.
      • Ingestion points: The entire current conversation history is ingested to produce the summary.
      • Boundary markers: No specific markers are used to isolate conversation content from the system instructions.
      • Capability inventory: The agent's file system writing tools are utilized to create the handoff document.
      • Sanitization: The skill includes a manual mitigation instruction to redact sensitive data before the document is finalized.
Audit Metadata
Risk Level: SAFE
Analyzed: Jun 24, 2026, 02:27 PM