The Agent Skills Directory

[COMMAND_EXECUTION]: The orchestrator script scripts/ralph_loop.py automates repository management by executing git commands such as status, add, and commit using the subprocess module. These calls use the secure list-based argument format which avoids shell interpolation, but they constitute automated command execution within the user's workspace.\n- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and parses TASK-*.md files from the local environment. Metadata like task titles and descriptions are extracted and incorporated into the agent's logic and output without sanitization.\n
Ingestion points: scripts/ralph_loop.py parses files in the tasks/ directory using the parse_task_file function.\n
Boundary markers: Absent. The skill does not use delimiters or instructions to prevent the agent from following commands embedded in task metadata.\n
Capability inventory: The skill utilizes Bash, Write, and Edit tools and can execute Git commands via its Python script.\n
Sanitization: None. Extracted strings from YAML frontmatter are used directly in logic and console output.

ralph-loop