Back to skill
Skillv3.0.0
VirusTotal security
Ralph Ultra Security Audit · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewMay 1, 2026, 4:13 AM
- Hash
- 16152af5f64d3292fd86b5d555f65508dfc601c3e29b5b18e7feb1c3064d3be2
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: ralph-ultra Version: 3.0.0 The skill bundle is classified as suspicious due to the extensive and high-risk capabilities it instructs the AI agent to perform, even though these actions are framed within the context of a 'deep security audit'. Instructions in `SKILL.md` include explicit command execution (`git rev-parse --show-toplevel`), broad file system access (reading code, `.env` files, git history for 'secret detection', CI/CD configs, and writing to `.ralph-report.md`), network enumeration ('endpoint enumeration', 'exposed ports'), and 'penetration test simulation' with 'Red Team Mindset' and 'proof-of-concept' generation. While these actions are necessary for a thorough security audit, they represent significant potential for abuse or unintended harm if the agent were compromised or if the instructions were subtly subverted, making it a high-risk tool rather than benign.
- External report
- View on VirusTotal