Ralph Security Audit

Comprehensive security audit with 100 iterations (~30-60 min). Use when user says 'security audit', 'ralph security', 'weekly security check', 'audit this pr...

This skill is an instruction-only, 100-step security audit that will read project files, run git commands, scan for secrets, inspect environment variables, and write a `.ralph-report.md` in the repository. That behavior aligns with an audit, but note: (1) it will access environment variables and may surface secrets despite the skill declaring no required credentials, (2) it will write a report file that could contain sensitive findings — back up or inspect existing `.ralph-report.md` before running, and (3) if you run it against a live system the agent may request DB or infrastructure access (you would need to provide credentials separately). Only run this skill in a controlled environment where you are comfortable the agent can read the repo and env, and review the generated report before sharing it. If you need stricter boundaries, require the skill to declare which env/files it will access or run it inside an isolated container/CI job with read-only mounts.

Type: OpenClaw Skill Name: ralph-security Version: 3.0.0 The skill bundle defines a comprehensive security audit. While it instructs the AI agent to perform high-risk actions like reading environment variables, searching for secrets (API keys, passwords, tokens), executing `git` commands, enumerating network services, and writing to the filesystem (for reports), these capabilities are explicitly and plausibly required for a legitimate security audit. The `SKILL.md` instructions are detailed and focused on reporting findings, not exfiltrating data or performing unauthorized actions. There is no evidence of malicious intent, prompt injection to subvert the agent, or instructions to act beyond the stated purpose of auditing the project.