ralph
Pass
Audited by Gen Agent Trust Hub on Apr 6, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The primary function of the skill is to perform data transformation and structure user-provided text into a specific JSON schema for use in development workflows.
- [COMMAND_EXECUTION]: The skill includes instructions for standard file system operations such as reading and writing 'prd.json', updating 'progress.txt', and organizing files into a local 'archive/' directory. These actions are performed within the project workspace and do not involve sensitive system paths or elevated privileges.
- [PROMPT_INJECTION]: The skill defines a process for ingesting external data (PRDs), which presents an indirect prompt injection surface.
- Ingestion points: User-provided PRD text and markdown documents.
- Boundary markers: No specific delimiters are defined in the instructions to isolate input content.
- Capability inventory: The agent has permissions to write files and create directories in the local project path.
- Sanitization: No explicit content filtering is specified, although the output is constrained by a fixed JSON structure.
Audit Metadata