doc-organizer
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructions include the use of common shell utilities such as tree, find, mkdir, and mv to perform directory analysis and file reorganization. These operations are limited to the local file system and are used in service of the skill's primary function.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads and analyzes the content of user documents to determine their purpose and generate index entries. An attacker could embed instructions within these documents to manipulate the agent's behavior during the organization process.
- Ingestion points: The agent accesses and parses file paths and document contents within user-specified documentation directories (e.g., in the 5-Step Reorganization Process).
- Boundary markers: No specific delimiters or safety instructions are defined to separate document content from the agent's internal logic.
- Capability inventory: The skill allows for significant file system modifications (moving/renaming files) and the generation of new documentation indices.
- Sanitization: There is no evidence of content sanitization or validation to prevent the execution of instructions found within processed files.
Audit Metadata