ralph-security
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill executes `git rev-parse --show-toplevel` and `git remote -v` to detect the project stack and environment. These commands are localized to the reconnaissance phase and are necessary for the tool's auditing functionality.
- [DATA_EXPOSURE]: The instructions direct the agent to scan sensitive files like `.env`, secrets, and configuration manifests. This is the primary intended use case for a security audit tool and is performed to identify vulnerabilities rather than to exfiltrate data.
- [PROMPT_INJECTION]: The skill processes untrusted external data (the user's source code and configuration files), which constitutes an indirect prompt injection surface.
  - Ingestion points: Reads files such as `package.json`, `pyproject.toml`, `.env`, and `Dockerfile` from the target project.
  - Boundary markers: None explicitly defined for data ingestion.
  - Capability inventory: Includes file-read access and the execution of basic Git CLI commands.
  - Sanitization: The skill includes a 'VERIFY' step requiring the agent to cross-reference findings with library documentation and project constraints before reporting, which acts as a logical control against false positives.
Audit Metadata