ralph-knowledge-merge-and-promotion
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill establishes an ingestion surface for potentially untrusted content by extracting knowledge from various workspace artifacts.
  - Ingestion points: The EXTRACT and STAGE checklists in `SKILL.md` specify collecting evidence from tasks, reports, plans, and review artifacts.
  - Boundary markers: No explicit delimiters or instructions to ignore embedded commands are defined in the extraction or merging logic provided in `SKILL.md`.
  - Capability inventory: The skill outlines capabilities for writing iteration knowledge files and merging content into the `.docs/` directory as described in the EXTRACT, STAGE, and PROMOTE checklists.
  - Sanitization: There is no evidence of content sanitization, validation, or filtering before extracted data is written to the workspace knowledge base.
Audit Metadata