ralph
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill processes untrusted PRD data to generate structured JSON, which is a standard injection surface.
- Ingestion points: Untrusted user-provided PRD text or markdown files.
- Boundary markers: Absent; the skill does not define specific delimiters to isolate the PRD content from the agent's instructions.
- Capability inventory: The skill utilizes file system capabilities to write 'prd.json' and 'progress.txt', and to create archive directories.
- Sanitization: Absent; there are no instructions to sanitize or escape potentially malicious instructions embedded within the PRD text.
Audit Metadata