ralph-json-create-issues
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION] (LOW): Susceptibility to Indirect Prompt Injection (Category 8).
- Ingestion points: Reads markdown files from
.claude/plans/,plans/, andprds/directories. - Boundary markers: Absent. The skill instructions do not include delimiters or specific warnings to ignore instructions embedded within the markdown content being converted.
- Capability inventory: The skill performs file system write operations to the
prds/directory to save generated JSON files. - Sanitization: Absent. There is no evidence of content escaping or validation of the input markdown text before it is processed into user stories.
- [DATA_EXFILTRATION] (SAFE): No access to sensitive system files (e.g., credentials, SSH keys) or network operations to external domains were detected.
- [COMMAND_EXECUTION] (SAFE): The skill does not contain logic to execute arbitrary shell commands or spawn subprocesses.
Audit Metadata