Skills
skills/phrazzld/claude-config/ralph-patterns/Gen Agent Trust Hub

ralph-patterns

Pass

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill establishes a workflow that processes external untrusted data, creating an indirect prompt injection surface.
  • Ingestion points: The agent is instructed to use gh pr view --comments and gh run view --log-failed to fetch data from the environment.
  • Boundary markers: The instructions do not specify any delimiters or ignore-instructions to isolate this external content from the agent's core logic.
  • Capability inventory: The agent has the capability to perform git operations, modify pull requests, and spawn additional agents via Moonbridge MCP.
  • Sanitization: No data validation or sanitization steps are defined for handling the external content retrieved.
  • [COMMAND_EXECUTION]: The skill provides instructions for executing the GitHub CLI tool (gh) to perform routine repository management and CI log analysis.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 28, 2026, 04:47 AM