vault-organize

Pass

Audited by Gen Agent Trust Hub on Apr 12, 2026

Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill instructions define a clear, restricted scope for file operations, targeting only specific curated directories like notes/, projects/, and resources/ while explicitly excluding sensitive system directories such as .git/ and .obsidian/.
  • [PROMPT_INJECTION]: The skill processes user-curated markdown files which could potentially contain malicious instructions, representing an indirect prompt injection surface.
      * Ingestion points: Markdown files within curated vault areas (SKILL.md).
      * Boundary markers: No explicit delimiters or instructions are provided to the agent to ignore embedded instructions within the markdown files.
      * Capability inventory: The agent can perform file moves, renames, and directory creation, as well as modify file contents including frontmatter and links.
      * Sanitization: No mention of sanitizing or validating the content of the markdown files before processing them for reorganization.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 12, 2026, 12:34 AM
Security Audit — agent-trust-hub — vault-organize