handover

Pass

Audited by Gen Agent Trust Hub on May 5, 2026

Risk Level: SAFE
Full Analysis
  • [INDIRECT_PROMPT_INJECTION]: The skill generates documents containing data from the environment (git branch names, commit history, file status) and user-provided notes. These documents are intended for consumption by other developers or AI agents. If an attacker can influence the environment (e.g., via a malicious file name or commit message), they could inject instructions into the generated document.
      • Ingestion points: User-supplied NOTES and AGENT_TASK arguments, and outputs from git branch, git log, and git status (SKILL.md).
      • Boundary markers: Uses standard Markdown headers and list structures to separate content sections.
      • Capability inventory: Local file system operations (creating directories and writing Markdown files).
      • Sanitization: None observed; the skill performs direct string interpolation into the template.
Audit Metadata
Risk Level: SAFE
Analyzed: May 5, 2026, 09:05 AM