improve
Pass
Audited by Gen Agent Trust Hub on Mar 30, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides instructions for a standard code review and improvement workflow without any malicious patterns or deceptive logic.
- [COMMAND_EXECUTION]: The instructions incorporate the use of a local CLI tool (
.rl/rl) for task management and decision logging within a specific development environment (Ralph). These commands are used for legitimate session management and do not exhibit signs of privilege escalation or malicious activity. - [INDIRECT_PROMPT_INJECTION]: The skill identifies an attack surface by instructing the agent to process session history, including command outputs, error messages, and file changes. While this data could theoretically contain malicious instructions, the skill defines strict principles requiring grounded observations and specific citations, which acts as a mitigating control.
- [DATA_EXPOSURE]: The skill does not contain any hardcoded credentials, sensitive file access outside of the project scope, or network exfiltration patterns. It follows best practices by suggesting the extraction of magic numbers to configuration constants.
Audit Metadata