Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Ralph Ultra Security Audit

v3.0.0

Deep-dive security audit with 1,000 iterations (~4-8 hours). Use when user says 'deep security audit', 'ralph ultra', 'compliance audit prep', 'thorough secu...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name/description (deep 1,000‑iteration security audit) aligns with the SKILL.md: it explicitly instructs exhaustive checks across code, infrastructure, dependencies, and secrets. That capability legitimately requires broad access to code, repos, and environments, so the purpose is coherent — but the metadata does not declare the access/credentials this requires, which is unexpected.
! Instruction Scope
The runtime loop explicitly directs the agent to 'read actual code, check libraries, check DB constraints, check environment' and to provide proof-of-concept exploits where applicable. These are open-ended instructions that give the agent broad discretion to access arbitrary files, environment variables, git history, and potentially run or craft exploit code. The SKILL.md does not limit scope (e.g., to a specific repo path or read-only snapshot) or describe safe guardrails for destructive actions.
Install Mechanism
Instruction-only skill with no install spec and no code files executed by the platform — lowest install risk. There is no remote download or package installation declared.
! Credentials
The skill declares no required env vars, credentials, or config paths, but the instructions require access to secrets, databases, git history, and environment drift checks. That mismatch means the skill will likely need credentials or filesystem access at runtime that are not surfaced up front for users to review — a proportionality and transparency issue.
Persistence & Privilege
always:false and no persistent install or modification of other skills. The skill saves progress to .ralph-report.md every 50 iterations (local file), which is expected for a multi-step audit; there is no declared attempt to modify system-wide agent settings or other skills.
What to consider before installing
This skill is a powerful, open-ended audit runner: it tells the agent to read code, environment variables, git history, database constraints, and to generate proof-of-concept exploits. That is coherent for a deep audit, but the skill metadata does not declare what credentials or files it will need — so installing it could allow the agent to access sensitive data without you knowing upfront. Before installing or running:

(1) only run in an isolated/staging environment or sandbox with no production secrets;
(2) require the author to document exact inputs, expected repo paths, and credential requirements;
(3) restrict the agent's filesystem/DB access to read-only snapshots where possible;
(4) decide whether you permit automatic PoC generation (it can create exploit code); and
(5) consider manual human review of findings before any remediation is applied.

If you need higher assurance, ask the publisher to add explicit required env/config entries and scope constraints in the SKILL.md so required privileges are visible before installation.

Like a lobster shell, security has layers — review code before you run it.


Runtime requirements

⚔️ Clawdis
