The skill facilitates cross-session prompt injection by allowing arbitrary local file state to be loaded into new contexts, posing a significant risk of malicious instruction poisoning.
npx skills add https://github.com/xoonjaeho/claude-skill-handoffSkill name or description references a well-known AI brand, which may suggest impersonation.
claude
The skill implements a mechanism to inject arbitrary state from a local file into a new session context, which could be exploited to inject malicious instructions or 'poison' the agent's memory across session boundaries. [ensemble: confirmed by 3/3 passes; severity set to the agreed median (ADR-0067).]
a SessionStart hook (if installed) re-injects it into the new context
Skill body contains no code blocks or usage examples, making it harder for users to evaluate.
Skill does not specify a license field. Specifying a license helps users understand usage terms.
[](https://mondoo.com/ai-agent-security/skills/github/xoonjaeho/claude-skill-handoff)<a href="https://mondoo.com/ai-agent-security/skills/github/xoonjaeho/claude-skill-handoff"><img src="https://mondoo.com/ai-agent-security/api/badge/github/xoonjaeho/claude-skill-handoff.svg" alt="Mondoo Skill Check" /></a>https://mondoo.com/ai-agent-security/api/badge/github/xoonjaeho/claude-skill-handoff.svgSkills can read files, run commands, and access credentials. Mondoo helps organizations manage the security risks of AI agent skills across their entire fleet.