Skills
skills/gmickel/flow-next-opencode/flow-next-opencode-ralph-init/Gen Agent Trust Hub

flow-next-opencode-ralph-init

Pass

Audited by Gen Agent Trust Hub on Apr 7, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands to resolve the repository root, check for existing configurations, and detect review backends like rp-cli.
  • [COMMAND_EXECUTION]: The skill uses chmod +x to make the generated harness scripts (ralph.sh, ralph_once.sh, and flowctl) executable within the project's local scripts/ralph/ directory.
  • [COMMAND_EXECUTION]: The generated harness scripts (ralph.sh) use embedded Python logic (heredocs) to parse JSON and track progress locally. This execution is performed using local system Python and logic provided within the skill itself.
  • [PROMPT_INJECTION]: The provided templates (prompt_plan.md, prompt_work.md) use authoritative language such as 'CRITICAL RULES' and 'AUTONOMOUS MODE ACTIVE'. These directives are used to maintain strict adherence to the autonomous harness protocol and are not attempts to bypass core AI safety filters.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 7, 2026, 09:07 AM