ralph-plan
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- Indirect Prompt Injection (LOW): The skill is vulnerable to indirect prompt injection because it is instructed to incorporate data from the codebase and user dialogue into its output. Evidence: 1. Ingestion points: 'Step 1: Understand the Goal' and 'Guideline 3: Research the Codebase'. 2. Boundary markers: Absent for input processing. 3. Capability inventory: Generates XML-formatted command blocks for other agents. 4. Sanitization: Absent.
Audit Metadata