ralphmode
Warn
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: MEDIUMPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill provides instructions and 'YOLO' presets designed to bypass built-in safety guidelines and approval mechanisms. It encourages using modes like 'bypassPermissions' and '--dangerously-skip-permissions' to remove operational constraints.
- [COMMAND_EXECUTION]: Facilitates unrestricted shell command execution by providing configurations that set 'approval_policy = "never"' and 'sandbox_mode = "danger-full-access"' in Codex CLI, effectively disabling manual review of agent actions.
- [COMMAND_EXECUTION]: Includes hook scripts for Claude and Gemini that attempt to block dangerous commands using a regular expression denylist. This approach is inherently insecure as it can be bypassed by alternative command syntax, shell aliases, or environment variable manipulation.
Audit Metadata