project-handoff
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill performs static analysis of project files for documentation purposes. It scans structure and configuration manifests without executing code or requesting sensitive credentials.
- [PROMPT_INJECTION]: The skill ingests codebase data from files like package.json and source files to populate documentation templates, which represents a surface for indirect prompt injection. 1. Ingestion points: package.json, .env.example, src directory, and deployment configuration files. 2. Boundary markers: Absent. 3. Capability inventory: File system read access and file system write access to the handoff directory. 4. Sanitization: Absent.
Audit Metadata