视觉系文件分类大师 (Visual File Sorter)

Files in Downloads or Desktop could be renamed or moved in bulk in a way that is hard to undo or that breaks user workflows.

The declared filesystem write scope is only the Sorted directory, but the workflow tells the agent to use shell commands to rename and move files from Downloads/Desktop. Shell use can bypass the apparent scoped filesystem boundary, and no approval or rollback is specified.

A malicious or unsafe downloaded file could be launched during sorting instead of merely inspected.

The skill instructs the agent to open every queued file with the operating system default handler. In Downloads/Desktop, that may include executables, installers, scripts, macro-enabled documents, or other active content.

Private details from invoices, contracts, images, or other desktop/downloaded files may be processed by the model and reflected in filenames.

The skill intentionally has the agent visually inspect broad local folders and extract metadata from potentially sensitive documents. This is purpose-aligned, but the artifacts do not define exclusions, retention behavior, or whether the default vision channel is local or remote.