File Organizer

Security checks across malware telemetry and agentic risk

Overview

This file-organizing skill is mostly purpose-aligned, but its skip-confirmation mode can overwrite existing files despite strong safety claims.

Review this before installing if you plan to let an agent execute it. Use dry-run first, inspect destination conflicts, avoid --execute --yes unless you have backups, and treat generated reports as private because they can expose local file names and paths.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Intent-Code Divergence

Medium
Confidence: 94%
Finding
The script claims it "NEVER deletes files" and "only moves them," but in execute mode with --yes it will call shutil.move even when the destination already exists. On many platforms this can overwrite or replace the destination file, causing silent data loss and violating the stated safety guarantee, which is especially risky for an automation tool that users may trust based on that wording.

Intent-Code Divergence

Medium
Confidence: 97%
Finding
The conflict warning explicitly says re-running with --yes will overwrite existing destinations, confirming that the tool can replace files despite advertising that it never deletes anything. Overwriting an existing destination effectively destroys prior contents and can lead to unintended data loss when organizing large file sets non-interactively.

VirusTotal

67/67 vendors flagged this skill as clean.
