ralph-planner

Fail

Audited by Gen Agent Trust Hub on Mar 6, 2026

Risk Level: HIGH (COMMAND_EXECUTION, REMOTE_CODE_EXECUTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses caffeinate -dims to programmatically prevent macOS from sleeping, which is a privileged power management operation intended to keep the automated loop running indefinitely without user presence.
  • [COMMAND_EXECUTION]: The script stop-hook.sh uses sed -i to modify local state files and exits with code 2 (exit 2), which is specifically designed to hijack the AI's termination process and force it into an infinite 'self-referencing' loop.
  • [REMOTE_CODE_EXECUTION]: While not downloading external binary code, the skill implements a 'Stop Hook' mechanism that performs 'Prompt Re-injection'. This allows the skill to bypass standard AI session limits by programmatically feeding instructions back into the model's input stream (via cat "$PROMPT_FILE" followed by exit 2), effectively creating a remote-controlled execution loop.
  • [DATA_EXFILTRATION]: The skill tracks user activity across terminal sessions using $TERM_SESSION_ID and $ITERM_SESSION_ID, storing this metadata in hidden .ralph/ directories.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Mar 6, 2026, 06:38 AM