ralph-tui-create-json
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill facilitates indirect prompt injection by processing untrusted PRD documents and extracting instructions for execution.
- Ingestion points: Untrusted PRD markdown files or text input are processed to generate task definitions.
- Boundary markers: The skill lacks explicit delimiters or instructions for the agent to isolate and ignore malicious content within the source documents.
- Capability inventory: While the skill is prompt-only, it generates 'Quality Gates' consisting of shell commands that are intended for automated execution by the Ralph TUI agent.
- Sanitization: There is no logic provided to validate, sanitize, or escape the commands extracted from the PRDs before they are written to the JSON output.
- [NO_CODE]: No executable code, scripts, or binaries are included with the skill; it relies exclusively on natural language instructions.
Audit Metadata