Back to skill

Security audit

Ralph Mode - Autonomous Development Loops

Security checks across malware telemetry and agentic risk

Overview

Ralph Mode is a disclosed autonomous coding workflow that can edit and commit project files, but its capabilities match its stated development purpose.

Install this when you want an agent to run a bounded autonomous coding loop in a project. Use a branch or disposable workspace, keep iteration and timeout limits, review PROGRESS.md and diffs, and do not run destructive reset commands such as hard resets unless your work is backed up.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Memory PoisoningPersistent Context Injection, Context Window Stuffing, Memory Manipulation
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The markdown instructs users to use "Git reset to last known good state" as an escape hatch, which can discard uncommitted work depending on how it is executed. The surrounding text does not include a warning about potential data loss or the need to confirm the reset mode before running it.

Memory Manipulation

High
Category
Memory Poisoning
Content
|--------------|-------------|------------|
| No progress logging | Parent agent cannot determine status | Mandatory PROGRESS.md |
| Silent failure | Work lost, time wasted | Explicit error logging |
| Overlapping sessions | File conflicts, corrupt state | Check/cleanup before spawn |
| Path assumptions | Wrong directory, wrong files | Explicit verification |
| No completion signal | Parent waits indefinitely | Clear COMPLETE status |
| Infinite iteration | Resource waste, no progress | Time limits + blockers |
Confidence
90% confidence
Finding
corrupt state

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.