ralph-loop
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill establishes an autonomous iteration framework with clear safety boundaries. It implements a dual-mode architecture that prevents host/router trapping and requires explicit activation via the RALPH_ACTIVE environment variable.
- [PROMPT_INJECTION]: The skill utilizes prompt re-injection as a core feature for task iteration. This mechanism is secured through mandatory completion signals, binary verification criteria, and maximum iteration caps (default 25) to prevent runaway processes.
- [DATA_EXFILTRATION]: Analysis of the state management scripts confirms that file operations are confined to the project's .claude/ directory. No unauthorized data access or network transmission of sensitive information was found.
- [REMOTE_CODE_EXECUTION]: The skill's implementation relies on standard Node.js functionality for file I/O and schema validation. It does not download external scripts or execute remote code from untrusted sources.
Audit Metadata