Skill: rohitg00/agentmemory/handoff

Result: Pass

Audited by Gen Agent Trust Hub on May 20, 2026

Risk Level: SAFE
Finding category: PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill possesses an attack surface for indirect prompt injection by ingesting and processing session data that could contain instructions.
  • Ingestion points: Session summaries and observations are fetched from the memory_sessions and memory_recall MCP tools (or the fallback HTTP API) and presented to the agent in SKILL.md.
  • Boundary markers: The skill does not use explicit delimiters (such as XML tags or specific markdown blocks) or safety instructions to distinguish retrieved memory content from current instructions.
  • Capability inventory: The skill uses memory retrieval tools and has network capability through the HTTP fallback, which issues POST and GET requests for session data.
  • Sanitization: There is no evidence of sanitization, filtering, or validation of the retrieved content before it is processed by the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: May 20, 2026, 11:08 AM