Security audit

open-ralph

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only skill for running a bounded autonomous coding loop, and its powerful code-changing behavior is disclosed and aligned with its purpose.

Install only if you intend to let a local coding agent modify the current repository. Use it on a clean branch or worktree, keep iteration limits conservative, avoid private code or secrets unless OpenCode/provider processing is acceptable, and review the full git diff before committing or merging.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Missing User Warnings

Medium
Confidence: 88%
Finding
The skill explicitly promotes an autonomous coding loop that can repeatedly modify a repository, but it does not clearly warn users up front that execution may change files automatically. In a code-assistant context, that omission matters because users may invoke the skill expecting analysis or troubleshooting, not persistent write actions across multiple iterations, increasing the chance of unintended or hard-to-review changes.

VirusTotal

66/66 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.