smart-folder-organizer
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to the ingestion and processing of external document content.
- Ingestion points: The skill extracts text from user-provided PDF files via the 'scripts/extract_pdf_metadata.py' script.
- Boundary markers: The instructions do not define clear delimiters or use 'ignore embedded instructions' warnings when presenting the extracted document text to the AI model for analysis.
- Capability inventory: The agent has the authority to move and rename files across the target directory and its subdirectories based on the outcomes of its semantic reasoning.
- Sanitization: No sanitization, filtering, or validation is performed on the extracted PDF content before it is passed to the AI model for classification.
Audit Metadata