ralph-loop-workflow
Pass
Audited by Gen Agent Trust Hub on Jun 12, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill facilitates the execution of various developer CLI tools including Vercel, Neon, GitHub, and Sentry, as well as project-specific build and test scripts via `bun run`. These operations are gated by a 'preflight check' that verifies installation and authentication status.
- [INDIRECT_PROMPT_INJECTION]: The skill implements an autonomous loop that reads codebase content and infrastructure configurations to determine its actions. This creates a surface where untrusted data could influence agent tasks.
  - Ingestion points: The agent reads the codebase state, `.cursor/mcp.json`, and `package.json` to infer the development environment.
  - Boundary markers: No explicit markers are used to separate untrusted codebase content from the agent's steering instructions.
  - Capability inventory: The agent has the ability to execute shell commands, write files, and interact with a browser via `agent-browser`.
  - Sanitization: The skill relies on the agent's 'first-principles thinking' for task breakdown rather than specific input sanitization.
Audit Metadata