paseo-handoff
Pass
Audited by Gen Agent Trust Hub on Jun 19, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements a standard task-handoff workflow designed to transfer state between agents with no context retention. The process uses a structured template to ensure all relevant information is captured without involving dangerous system calls or external dependencies.
- [PROMPT_INJECTION]: The skill presents a surface for indirect prompt injection as it interpolates user-supplied arguments into a prompt intended for a secondary agent.
- Ingestion points: User arguments are ingested via the
$ARGUMENTSplaceholder inSKILL.md. - Boundary markers: The briefing template uses clear Markdown headers (e.g., ## Task, ## Context) to structure information, though it lacks explicit instructions for the receiving agent to ignore potential commands within the context fields.
- Capability inventory: The skill's primary capability is the automated creation of a new agent via the 'Paseo' orchestration tool using the generated briefing.
- Sanitization: No sanitization is performed on user arguments; however, the structured nature of the handoff template serves as a natural delimiter.
Audit Metadata