pipeline

Pass

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: SAFE, PROMPT_INJECTION, DATA_EXFILTRATION
Full Analysis
  • [SAFE]: The skill defines a framework for managing task sequences. Analysis of the provided content reveals no evidence of malicious intent, obfuscation, or unauthorized operations.
  • [PROMPT_INJECTION]: The orchestration of artifacts between stages constitutes a surface for indirect prompt injection.
    • Ingestion points: StageContext accumulates artifacts like 'prd-*.md' from the 'ralplan' stage.
    • Boundary markers: The documentation does not specify the use of delimiters or 'ignore' instructions for stage inputs.
    • Capability inventory: The skill delegates tasks to 'team-exec' (Codex CLI workers) and 'ralph-verify'.
    • Sanitization: No explicit sanitization or validation of stage outputs is described.
  • [DATA_EXFILTRATION]: The skill uses an internal file at '.omx/state/pipeline-state.json' for state persistence and resume support. This is a local operational mechanism and does not involve unauthorized network transmission of sensitive information.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 15, 2026, 08:18 PM