ralph-deploy
Pass
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Downloads and installs the ralph-cli utility from the GitHub repository mikeyobrien/ralph-orchestrator using cargo install.
- [COMMAND_EXECUTION]: Automates the setup and management of orchestrator sessions by executing shell commands via tmux.
- [PROMPT_INJECTION]: Identifies an indirect prompt injection risk in scripts/monitor.sh where untrusted project data is processed.
- Ingestion points: Event payloads read from ralph events and task descriptions from .ralph/agent/scratchpad.md (processed in scripts/monitor.sh).
- Boundary markers: Absent; raw data is directly interpolated into a prompt for summarization.
- Capability inventory: The script executes external LLM CLI tools including claude, codex, and aichat (in scripts/monitor.sh).
- Sanitization: No sanitization or validation is performed on the ingested data before it is passed to the LLM interface.
Audit Metadata