super-ralph-wiggum
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION] (LOW): The skill implements an autonomous loop where previous outputs and external data are fed back as instructions. * Ingestion points: progress.txt and prd.json are injected via @file references in setup-ralph-loop.sh. * Boundary markers: Uses COMPLETE as a marker. * Capability inventory: Agent has access to bash, read_file, and write_file. * Sanitization: Absent.
- [COMMAND_EXECUTION] (LOW): Shell scripts (setup-ralph-loop.sh, stop-hook.sh) manage loop execution and state using system utilities like jq and perl. The use of exit hooks to block session termination is a powerful capability that requires trust in the loop's instructions.
Audit Metadata