prps-agentic-engineering
Pass
Audited by Gen Agent Trust Hub on May 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill's installation process requires cloning a remote repository from a third-party GitHub account (https://github.com/Wirasm/PRPs-agentic-eng.git) and copying executable scripts into the local environment.
- [COMMAND_EXECUTION]: The methodology involves creating and executing shell scripts (e.g., '.claude/hooks/prp-ralph-stop.sh') and requires granting execution permissions via 'chmod +x'.
- [COMMAND_EXECUTION]: The 'Ralph Loop' functionality relies on the autonomous execution of project-specific build and test commands such as 'npm test', 'npm run build', and 'npm run lint' to validate AI-generated code changes.
- [PROMPT_INJECTION]: The skill implements an indirect prompt injection surface through the '/prp-issue-investigate' command.
- Ingestion points: Data is fetched from external GitHub issues (attacker-controlled content).
- Boundary markers: None identified in the provided instructions to differentiate issue content from agent instructions.
- Capability inventory: The skill has capabilities for file system modification, git operations, and subprocess execution across multiple scripts.
- Sanitization: There is no evidence of sanitization or filtering of the content retrieved from GitHub before it is processed by the agent to create implementation plans.
Audit Metadata