constitution
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute specific shell commands as part of its core workflow.
- The `cp` command is used to create new specification files from a local template directory.
- A local script located at `<base>/scripts/ralph` is executed to initiate task iterations based on the drafted specifications.
- [INDIRECT_PROMPT_INJECTION]: The skill has an attack surface where instructions could be embedded in files read by the agent.
- Ingestion points: During the 'Study' phase, the agent reads relevant files and existing patterns from the local environment to inform the draft.
- Boundary markers: There are no explicit delimiters or boundary markers mentioned in the skill instructions to separate external file content from the agent's drafting logic.
- Capability inventory: The agent has the capability to write files (`cp`) and execute a local iteration script (`ralph`).
- Sanitization: Risk is mitigated by the mandatory 'Refine' step, which requires the agent to show the drafted specification to the user for feedback and manual approval before the 'Launch' step occurs.
Audit Metadata