file-organizer
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill generates and executes shell commands such as find, ls, du, mkdir, and mv to perform file system analysis and reorganization. These operations are conducted locally, and the skill's instructions mandate that the agent must obtain explicit user approval before executing any file moves, renames, or deletions.
- [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection as it processes file names and metadata which could contain malicious instructions. 1. Ingestion points: File listing and metadata are ingested via ls and find in the SKILL.md instructions. 2. Boundary markers: No explicit delimiters are used when processing file data. 3. Capability inventory: The agent has the ability to move, rename, and suggest deletion of files. 4. Sanitization: The skill does not mention sanitizing or escaping file names before they are processed by the language model.
Audit Metadata