add-tools-and-handoffs

Pass

Audited by Gen Agent Trust Hub on Jul 2, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill serves as a developer guide for the getpatter library, providing code snippets for tool definition and call management.
  • [PROMPT_INJECTION]: The skill describes an architecture that ingests data from external sources (e.g., CRM lookups and webhooks), which constitutes an indirect prompt injection surface.
  • Ingestion points: Output from the lookup_customer function and the specified webhook_url (SKILL.md).
  • Boundary markers: Not specified in the tutorial examples.
  • Capability inventory: The agent has access to transfer_call and end_call actions (SKILL.md).
  • Sanitization: No sanitization or validation of the fetched data is shown in the examples.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 2, 2026, 06:57 PM
Security Audit — agent-trust-hub — add-tools-and-handoffs