ralph

Warn

Audited by Gen Agent Trust Hub on Apr 10, 2026

Risk Level: MEDIUM | PROMPT_INJECTION | NO_CODE
Full Analysis
  • [PROMPT_INJECTION]: The skill description explicitly specifies a 'persistent self-referential execution loop'. This phrasing is characteristic of instructions designed to force an AI agent into an autonomous or recursive state, which can be used to override system instructions regarding task termination, resource usage limits, and safety oversight.
  • [PROMPT_INJECTION]: The instruction to 'Read and follow .agents/workflows/ralph.md step by step' redirects the agent's core execution logic to an external, non-standard configuration file. In the context of the described self-referential loop and 'independent verifier verification', this represents a mechanism to establish a custom control flow that attempts to decouple the agent from the platform's native safety and verification frameworks.
  • [NO_CODE]: The skill does not contain any executable scripts, binaries, or source code, relying entirely on markdown-based instructions to manipulate the agent's behavior.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Apr 10, 2026, 09:41 AM