Skills
skills/yeachan-heo/oh-my-claudecode/ralph/Gen Agent Trust Hub

ralph

Pass

Audited by Gen Agent Trust Hub on Mar 11, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill implements an automated persistence loop that reads and writes to prd.json and progress.txt. This creates an indirect prompt injection surface where malicious instructions could be embedded in the task data and executed across iterations.
  • Ingestion points: prd.json, .omc/prd.json, progress.txt.
  • Boundary markers: Absent.
  • Capability inventory: Background command execution (builds, installs, tests), agent delegation via Task tool.
  • Sanitization: Absent.
  • [COMMAND_EXECUTION]: The skill explicitly authorizes the agent to execute system commands for building projects, running test suites, and managing background processes (e.g., make, docker build, cargo build).
  • [EXTERNAL_DOWNLOADS]: The instructions direct the agent to perform package installations using tools like npm, pip, and cargo, which results in the download and potential execution of external code from public registries.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 11, 2026, 10:46 AM