ralph
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
PROMPT_INJECTION, NO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill presents a surface for indirect prompt injection as it processes external files and executes actions based on their content.
  - Ingestion points: The agent is instructed to read PRD files from paths like 'docs/tasks/PRD-feature.md'.
  - Boundary markers: There are no instructions providing delimiters or 'ignore' warnings for content within the ingested files.
  - Capability inventory: The agent has the capability to modify the local filesystem and run 'Quality Gates' (which typically involve executing shell commands or test runners).
  - Sanitization: No sanitization or validation of the PRD content is performed before processing.
- [NO_CODE]: The skill consists entirely of markdown instructions and does not include any executable scripts, binaries, or source code files.
Audit Metadata