create-handoff
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill ingests session history to create summaries, which can relay malicious instructions to future agents. 1. Ingestion points: Session history and local files referenced in the template. 2. Boundary markers: Markdown template structure. 3. Capability inventory: File writing to the .claude/scratchpad/ directory. 4. Sanitization: None detected.
- [Data Exposure] (SAFE): The skill accesses non-sensitive git metadata and file paths required for development handoffs.
Audit Metadata