dir-organizer
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill directs the agent to use terminal tools and scripts to perform file system operations, including creating directories, moving files, and renaming them. While the skill includes a safety mechanism requiring user approval of a 'reconstruction plan' before execution, the underlying capability to modify the file system is sensitive.
- [PROMPT_INJECTION]: The skill exhibits an attack surface for Indirect Prompt Injection. It ingests untrusted data from the local environment to function.
- Ingestion points: Section 4.1 describes reading all file names and extensions in a directory. Section 4.4 describes scanning file contents to update internal links.
- Boundary markers: The instructions do not specify any delimiters or safety warnings to ignore instructions embedded in the file names or content being processed.
- Capability inventory: The agent has the capability to move, rename, and delete (clean) files based on its interpretation of the directory structure.
- Sanitization: There is no mention of sanitizing or validating file names or content before they are used to generate the reorganization plan.
Audit Metadata