markusdowne/handoff-integrity-check
Validate agent handoff packets and resume readiness using schema, freshness, and replay checks. Use when tasks pause/resume across sessions, agents, or humans — including when a user wants to continue where they left off, hand off to another agent, resume a previous task, or pick up an interrupted workflow. Includes explicit untrusted-content/prompt-injection guardrails for third-party inputs.
100
100%
Does it follow best practices?
Impact
100%
1.31xAverage score across 3 eval scenarios
Advisory
Suggest reviewing before use
Security
1 medium severity finding. This skill can be installed but you should review these findings before use.
W011: Third-party content exposure detected (indirect prompt injection risk)
What this means
The skill exposes the agent to untrusted, user-generated content from public third-party sources, creating a risk of indirect prompt injection. This includes browsing arbitrary URLs, reading social media posts or forum comments, and analyzing content from unknown websites.
Why it was flagged
Third-party content exposure detected (high risk: 0.70). The SKILL.md "Untrusted content guardrails" explicitly lists public websites, arbitrary URLs, social posts/comments, API responses, uploaded files, logs, emails, and messages as untrusted inputs and the required "Use this workflow" steps (schema/freshness/replay checks) show the agent will parse those handoff packets to decide whether to resume, so third-party content can materially influence actions.
- Audited
- Security analysis