create-handoff
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local build and test commands (e.g., npm run build, cargo check, go test, make build) based on detected project configuration files. These are standard development operations intended to verify the implementation state.
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it ingests git log and diff data to populate documentation. Ingestion points: Git log and diff outputs in Step 4 and 5. Boundary markers: No explicit delimiters are used in the handoff markdown file. Capability inventory: The skill uses Bash and Write tools for file operations and command execution. Sanitization: The session name is sanitized, but the ingested git history content is not escaped or validated before being written to the output file.
Audit Metadata