open-ralph

Pass

Audited by ClawScan on May 1, 2026.

Overview

This is a coherent instruction-only skill for running a bounded autonomous coding loop, but users should understand it can modify a git repository and send coding prompts to OpenCode models.

This skill appears purpose-aligned and bounded, but use it on a clean git working tree, keep max-iteration limits, avoid confidential code unless provider use is acceptable, and review all diffs before committing or merging.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The tool may make repeated code changes in the current git repository before stopping.

Why it was flagged

The skill instructs the agent to run an autonomous coding CLI loop. This is central to the stated purpose and includes an iteration bound, but it can still modify repository files.

Skill content

ralph "<TASK PROMPT>" \
 --agent opencode \
 --model opencode/kimi-k2.5-free \
 --completion-promise "COMPLETE" \
 --max-iterations 20

Recommendation

Run it only in the intended repository, keep iteration limits, and review git diffs before merging or committing changes.

What this means

The actual behavior depends on the locally installed versions of opencode, ralph, and git.

Why it was flagged

The instruction-only skill relies on external command-line tools rather than bundled reviewed code or an install spec.

Skill content

"requires": { "bins": ["opencode", "ralph", "git"] }

Recommendation

Install required binaries from trusted sources and keep them updated.

What this means

Task prompts and potentially code context may be processed by OpenCode-backed models.

Why it was flagged

The skill uses an external agent/model provider for coding tasks. That is disclosed and purpose-aligned, but the artifacts do not define data handling boundaries for prompts or repository context.

Skill content

This skill runs an autonomous Ralph Wiggum coding loop using the `ralph` CLI with OpenCode as the agent provider.

Recommendation

Avoid using this on repositories or prompts containing secrets or confidential code unless you are comfortable with the provider's data handling.