Skills
skills/steveonead/agent-skills/ito-handoff/Gen Agent Trust Hub

ito-handoff

Pass

Audited by Gen Agent Trust Hub on May 8, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [INDIRECT_PROMPT_INJECTION]: The skill creates a handoff file that summarizes the current conversation context, which may include untrusted user input. If a user provides malicious instructions during the session, these could be persisted in the markdown file and potentially influence the behavior of the next AI session that reads it.
  • Ingestion points: Current conversation context and optional user arguments in SKILL.md.
  • Boundary markers: Absent. The instructions do not specify using delimiters or warnings to ignore embedded instructions within the handoff file.
  • Capability inventory: File write operations to the docs/ito-temp/handoff/ directory (SKILL.md).
  • Sanitization: Absent. There are no explicit instructions to sanitize or filter the conversation content before writing it to the filesystem.
Audit Metadata
Risk Level
SAFE
Analyzed
May 8, 2026, 04:20 PM
Security Audit — agent-trust-hub — ito-handoff