doc-organizer
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill performs 'Staleness Detection' by executing local binaries with the
--helpflag to compare their output against documentation content. This behavior involves executing code on the host system based on files found in the repository.\n- [PROMPT_INJECTION]: The skill processes content from various file types (.md,.rst,.txt,.yaml,.json), creating an indirect prompt injection surface where malicious instructions inside documentation files could influence the agent's logic during the audit or reorganization process.\n - Ingestion points: Global scan of repository documentation and configuration files.\n
- Boundary markers: Absent; the instructions do not provide delimiters or warnings to the agent to disregard instructions within the audited files.\n
- Capability inventory: File moves, merges, and deletions; execution of local binaries via help commands.\n
- Sanitization: Absent; the content is extracted and compared directly without validation or filtering.
Audit Metadata