ralph-plan
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the Bash tool to facilitate codebase research and file management. These operations are restricted to the intended purpose of identifying relevant files for planning and do not involve the execution of arbitrary or untrusted scripts.
- [SAFE]: The skill implements a robust 'Approval Gate' using the AskUserQuestion tool. Behavior rules explicitly state that the agent must not finalize the PRD without user consent, ensuring that the user maintains control over the generated content and file system changes.
- [SAFE]: Data processing is confined to the local environment. The skill creates and moves files within the .claude/plans/ directory for state management, with no evidence of sensitive data exposure or exfiltration to external domains.
- [SAFE]: All external agent references (e.g., 'Explore' and 'Librarian') are used for internal research tasks within the workflow and do not involve downloading or executing unverifiable remote code.
Audit Metadata