ralphmode
Fail
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: HIGHPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill provides explicit instructions to bypass tool-level security constraints using flags like --dangerously-skip-permissions, --dangerously-bypass-approvals-and-sandbox, and --yolo. These instructions encourage the agent to operate in high-autonomy modes that disregard standard safety filters and permission prompts.\n- [COMMAND_EXECUTION]: Instructs the creation and deployment of local shell scripts (ralph-safety-check.sh and ralph-tier1-check.sh) to be used as tool hooks. These scripts execute shell commands and manage tool-provided input via python3 and grep to implement a custom, bypassable command filtering mechanism.\n- [EXTERNAL_DOWNLOADS]: The skill references external documentation and resources from agentskills.io, anthropic.com, openai.com, and github.com/google-gemini. These are recognized as trusted or well-known service providers and the references are documented here neutrally.
Recommendations
- AI detected serious security threats
Audit Metadata