Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Ralph Wiggum Loop

v1.0.0

Iteratively refines AI code or text, detecting and fixing errors, optimizations, security, and style issues in at most three steps.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name/description (iterative code/text improvement) matches the included components (generator.py, critic.py, ralph-loop.sh) and the declared runtime behavior (send code to LLM, get issues, fix, verify). No unrelated credentials or services are requested.
Instruction Scope
Runtime instructions and scripts read user-supplied code/files and send them to an LLM endpoint (LM Studio). That is expected for this skill. However: (1) the SKILL.md and scripts assume LM Studio runs at http://127.0.0.1:1234 but the code honors LMSTUDIO_URL/--api-url overrides — if LMSTUDIO_URL is pointed to a remote host, user code will be transmitted off-host; (2) the scripts call external tools (curl, jq) and Python packages (requests) but the SKILL.md omits jq and the Python dependency; (3) there are CLI argument mismatches between ralph-loop.sh and generator.py (the shell passes -u/-s which generator.py's argparse does not define), which is an implementation inconsistency that can cause failures.
Install Mechanism
No install spec is provided (instruction-only deployment). Included files are local scripts and Python modules; there are no downloads from arbitrary URLs or archive extraction. Risk from the install mechanism is low, and running the code writes nothing special to disk beyond user-specified outputs.
Credentials
The skill requests no secrets and declares no required env vars. In practice the code uses LMSTUDIO_URL, optional model env vars (LMSTUDIO_MODEL*, RALPH_MODEL) and RALPH_MAX_ITER — these are proportional to the purpose. Important caveat: LMSTUDIO_URL can be set to any URL, which would redirect all code and diagnostics to that endpoint; that is expected behavior but a potential data-exfiltration vector if misconfigured.
Persistence & Privilege
always:false and no special persistence. The skill does not modify other skills or system-wide agent config and does not request elevated privileges. Autonomous invocation is allowed (platform default) but not excessive here.
What to consider before installing
This skill appears to implement the advertised iterative improvement loop, but review and test before using on sensitive code. Specific recommendations:
- Ensure LM Studio runs locally and do NOT set LMSTUDIO_URL to a remote host unless you intend to send your code there (the scripts will transmit the full code to whatever LMSTUDIO_URL is used).
- Install required tools first: Python 3.9+, the 'requests' package (pip install requests), curl, and jq (the shell scripts use jq but SKILL.md didn't mention it).
- Be aware of a small implementation mismatch: ralph-loop.sh passes flags (-u, -s) that generator.py's CLI doesn't define; run the Python modules directly or inspect/fix the shell script before relying on it.
- Review the scripts' behavior (especially fix_code which posts code and issues to the LM endpoint) on non-sensitive examples to confirm behavior and outputs.
- If you plan to run this in a production environment, run it in an isolated environment and audit network traffic to confirm LM Studio is local.

Like a lobster shell, security has layers — review code before you run it.

latestvk976cg7kh54j1h0260cd6bbp4584qcr8
