ralph-enhance

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). This skill is high-risk: it mandates autonomous execution of shell commands that read/copy user home files, download external scripts, modify code/DB, run tests and commit changes without further consent—behaviors that enable unauthorized data access, supply-chain modification, and remote code execution.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly reads and interprets user-provided URL(s) and other documents (Step 1.1/1.2) and also downloads templates directly from raw.githubusercontent.com (Step 2.4), meaning it ingests open/public third‑party content that can be untrusted and influence the agent's behavior.