ralph-loop

SUSPICIOUS: The local compat engine is coherent and low-risk, but the optional `open` engine introduces medium trust and data-flow risk by delegating prompts and loop execution to a third-party CLI from a different publisher without install verification or clear endpoint/credential guidance. This is not confirmed malware, but the skill’s external backend footprint is only partially justified and insufficiently documented.