Skills
skills/involvex/skills/file-organizer/Gen Agent Trust Hub

file-organizer

Pass

Audited by Gen Agent Trust Hub on Apr 16, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes shell commands such as ls, find, du, mkdir, and mv to analyze and organize the filesystem. These commands are executed based on user-defined target directories and are core to the skill's operation.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted data from the filesystem (filenames and metadata) and has the capability to move or rename files.
  • Ingestion points: File names, metadata, and types are retrieved from the local filesystem via ls, find, and file commands in SKILL.md.
  • Boundary markers: The skill lacks explicit instructions or delimiters to ensure the agent ignores potential instructions embedded within the filesystem data it processes.
  • Capability inventory: The skill includes commands for creating directories (mkdir) and moving/renaming files (mv).
  • Sanitization: No specific sanitization or validation of the filenames or metadata is mentioned before the data is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 16, 2026, 09:58 PM