Skills
skills/jellydn/my-ai-tools/handoffs/Gen Agent Trust Hub

handoffs

Pass

Audited by Gen Agent Trust Hub on Apr 6, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted conversation history and user-supplied purposes, creating an indirect prompt injection surface. Malicious instructions within the conversation could theoretically be included in the generated handoff file.
  • Ingestion points: $ARGUMENTS and conversation history.
  • Boundary markers: Employs <purpose> and <analysis> tags for structure.
  • Capability inventory: Writes markdown files to the local .claude/handoffs/ directory.
  • Sanitization: Content is summarized and reorganized rather than strictly sanitized.
  • [COMMAND_EXECUTION]: The skill instructs the agent to perform file system operations, specifically creating a directory and writing markdown files. These actions are limited to the local .claude/handoffs/ path and align with the skill's stated purpose of persisting session state.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 6, 2026, 10:36 AM