Skills
skills/vadimcomanescu/codex-skills/file-organizer/Gen Agent Trust Hub

file-organizer

Pass

Audited by Gen Agent Trust Hub on Apr 20, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill employs standard shell commands (ls, find, du, mv, mkdir) to interact with the local file system. These operations are within the scope of its primary purpose as a file organizer.
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface (Category 8) because it processes untrusted data from the file system (filenames and file characteristics). Malicious filenames could theoretically attempt to influence the agent's categorization or move logic.
  • Ingestion points: Filenames and types are gathered via ls, find, and file commands in references/examples.md.
  • Boundary markers: No explicit boundary markers or escaping mechanisms are defined in the command templates.
  • Capability inventory: The skill uses mkdir and mv commands to restructure the filesystem as outlined in SKILL.md.
  • Sanitization: No validation or sanitization is performed on filenames before they are used in prompts or move operations.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 20, 2026, 07:13 AM
Security Audit — agent-trust-hub — file-organizer