Back to skill
Skillv1.1.0
VirusTotal security
Ralph Loop (Agent Mode) · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewMay 1, 2026, 3:31 AM
- Hash
- d8455f6050735e7e3fc23c24f3c258295453a8213274cc75ddd3846c6454507f
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: ralph-loop-agent Version: 1.1.0 This skill is classified as suspicious due to several high-risk capabilities. The primary concern is a clear command injection vulnerability where the content of `PROMPT.md` is directly executed as part of shell commands via `exec tool ... "$(cat PROMPT.md)"` (seen in SKILL.md and README.md). This allows a malicious user or agent to inject arbitrary commands. Additionally, the skill explicitly documents and instructs the agent to accept and use highly risky flags like `--yolo` (no sandbox) and `--dangerously-skip-permissions` (seen in SKILL.md and README.md), which can bypass critical safety mechanisms. The skill also requires broad `exec`, `process`, `file-read`, and `file-write` permissions (package.json), granting extensive control over the system.
- External report
- View on VirusTotal