ralph-install

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow explicitly fetches/clones the public GitHub repository "https://github.com/tolulawson/ralph-harness" and directs the agent to read and follow its INSTALLATION.md, meaning untrusted third-party content could be read and influence installation decisions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill explicitly fetches/clones the scaffold at runtime from https://github.com/tolulawson/ralph-harness and instructs the agent to read and follow INSTALLATION.md and loader snippets from that repo, so remote content directly controls installation instructions and can introduce/execute code as a required dependency.