handoff
Pass
Audited by Gen Agent Trust Hub on Jun 18, 2026
Risk Level: SAFE
Full Analysis
- [DATA_EXPOSURE_AND_EXFILTRATION]: The skill includes explicit instructions for the agent to redact sensitive information such as API keys, passwords, and personally identifiable information (PII) before saving the handoff document. It writes to the user's operating system temporary directory, which is consistent with the goal of passing data between separate sessions without polluting the workspace.
- [REMOTE_CODE_EXECUTION]: The skill does not use any package managers, download remote scripts, or attempt to execute system commands.
- [PROMPT_INJECTION]: The instructions focus purely on summarization and organization tasks and do not attempt to bypass safety guidelines or override agent constraints.
- [INDIRECT_PROMPT_INJECTION]: This skill processes conversation history which is untrusted data. 1. Ingestion point: The current conversation history is processed into a summary. 2. Boundary markers: No specific delimiters are requested for the generated document. 3. Capability inventory: The skill utilizes file-writing capabilities to the local temporary directory. 4. Sanitization: The skill mandates redaction of secrets and PII. The risk is minimized as the output is a summary document and the skill lacks network exfiltration capabilities.
Audit Metadata