ralph-install

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's workflow (SKILL.md Step 2 and Step 3) performs a git clone from the public URL https://github.com/Olunuga/ralph-loop and copies in scripts and LLM gate prompt files (scripts/gates/llm/.md and PROMPT_.md), so untrusted, user-generated repository content is ingested and can directly influence agent decision-making and tool behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). This skill runs git clone https://github.com/Olunuga/ralph-loop at runtime to pull remote PROMPT_.md and scripts/gates/llm/.md (LLM prompts) and executable scripts into the project, which directly control agent prompts and can execute code, making it a required external dependency.