handoff

Pass

Audited by Gen Agent Trust Hub on May 11, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to use the mktemp utility to create a temporary file path. While this is a standard system operation, it involves shell command execution.
  • [PROMPT_INJECTION]: The skill incorporates user-provided arguments directly into the handoff document. This represents an indirect prompt injection surface where untrusted user input could influence the instructions or context passed to the next agent session. The skill lacks explicit boundary markers or sanitization instructions for this input.
      • Ingestion points: User-supplied arguments in SKILL.md.
      • Boundary markers: None specified.
      • Capability inventory: File system access via mktemp and shell execution.
      • Sanitization: None specified.
Audit Metadata
Risk Level: SAFE
Analyzed: May 11, 2026, 11:09 AM