tgravity-work-project-folder-organizer
Pass
Audited by Gen Agent Trust Hub on Jun 24, 2026
Risk Level: SAFE
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The skill audits and reads content from various user-provided Markdown files (e.g., README.md, SOURCE_OF_TRUTH.md) to categorize projects and propose structural changes. This behavior creates an attack surface where malicious instructions embedded in these untrusted files could influence the agent's output or actions during the audit process.
- Ingestion points: Reads root-level documentation files (
README.md,AGENTS.md,CLAUDE.md, etc.) from the target project directory as specified in the workflow inSKILL.md. - Boundary markers: Absent; the instructions do not implement explicit delimiters or guidance to ignore embedded instructions within the audited documents.
- Capability inventory: The skill allows the agent to scan directory trees, move files (after user confirmation), and write new Markdown rule files.
- Sanitization: Absent; the skill does not specify sanitization or validation of the content read from the files before processing it.
- [DATA_EXPOSURE]: The skill explicitly references sensitive files and credentials (e.g., API keys, tokens, secrets, contracts) within its safety boundary definitions (
references/safety-boundaries.md). These references are used defensively to mandate that such files are never moved automatically and are flagged for manual review, thereby reducing the risk of accidental data exposure.
Audit Metadata