ralph
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted PRD documents and converts them into a structured format for autonomous execution, creating an indirect injection surface.
- Ingestion points: External markdown or text PRD files processed by the agent as described in 'The Job' section.
- Boundary markers: The instructions do not define delimiters or safety markers to isolate processed data from agent instructions within the requirements.
- Capability inventory: The skill utilizes 'Read' and 'Write' tools to manipulate system files, including 'prd.json' and the 'archive' directory.
- Sanitization: No validation or sanitization mechanisms are in place to inspect the contents of the input PRD before inclusion in the final JSON output.
Audit Metadata