The Agent Skills Directory

COMMAND_EXECUTION (LOW): The skill's primary function is to execute shell commands like find, mv, mkdir, and du to manage files. While these are legitimate for the stated purpose, they represent a significant capability tier that could be misused if the agent's logic is subverted.
PROMPT_INJECTION (LOW): The skill is vulnerable to Indirect Prompt Injection (Category 8) due to its data processing surface.
Ingestion points: The skill reads file names and directory structures using ls and find as documented in SKILL.md.
Boundary markers: There are no explicit instructions or delimiters to help the agent distinguish between benign filenames and malicious instructions embedded in filenames.
Capability inventory: The skill possesses the ability to move (mv), create directories (mkdir), and execute diagnostic commands (file, md5) across the filesystem.
Sanitization: The skill lacks explicit sanitization instructions for handling shell metacharacters that might be present in untrusted filenames.
DATA_EXFILTRATION (SAFE): No network operations (e.g., curl, wget, fetch) were detected in the skill's instructions. All operations are confined to the local filesystem.
CREDENTIALS_UNSAFE (SAFE): There are no hardcoded secrets, and while the skill can access the home directory, it includes instructions to ask the user which sensitive data to avoid.

file-organizer