organize-project
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (LOW): The skill instructs the agent to perform file system operations that include deletion and movement. Evidence: SKILL.md contains commands such as 'rm -rf media/temp/*' and 'mv *.mp4 media/imported/'. While these are standard for project cleanup, they pose a risk of data loss if the agent executes them in an incorrect directory or under a misunderstanding of the current state.
- [PROMPT_INJECTION] (LOW): The skill is susceptible to Indirect Prompt Injection (Category 8) as it processes data from the local environment. Ingestion points: File names and directory structures retrieved via the 'find' and 'ls' commands listed in SKILL.md. Boundary markers: Absent; there are no instructions for the agent to sanitize or ignore instructions potentially embedded in file names. Capability inventory: File system manipulation commands including 'mv', 'rm', 'mkdir', and 'ln' documented in SKILL.md. Sanitization: Absent. Maliciously crafted file names in a user's workspace could potentially influence the agent's behavior during the organization task.
Audit Metadata