externalise-handover
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill provides a surface for indirect prompt injection by instructing the agent to summarize potentially untrusted conversational data.\n
- Ingestion points: The current conversation history is used as input for the handover file.\n
- Boundary markers: No specific delimiters or instructions to ignore embedded commands within the conversation are provided.\n
- Capability inventory: The skill directs the agent to perform file-writing operations to create .md files.\n
- Sanitization: No explicit sanitization or escaping of the conversation content is mentioned before it is written to the file.
Audit Metadata