markdown-organizer
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill is designed to read and format external Markdown files. This processing of untrusted data creates a surface for indirect prompt injection.
- Ingestion points: External Markdown files accessed via the Read tool.
- Boundary markers: Absent; the skill lacks delimiters or instructions to ignore embedded commands in files.
- Capability inventory: The skill utilizes Read and Write tools to modify the filesystem.
- Sanitization: None; content is processed directly without escaping or validation.
- [No Code] (SAFE): The skill contains no executable scripts, binaries, or package dependencies, which eliminates risks such as remote code execution or dependency confusion.
Audit Metadata