Ralph Quick Security Check

Fast security spot-check with 10 iterations (~5-10 min). Use when user says 'quick security check', 'pre-deploy audit', 'ralph quick', 'fast security scan',...

This skill is internally consistent for a quick repo-focused security spot-check. Before installing or running it: - Ensure the agent runs in a safe workspace or a checked-out copy (it will read source code, CI files, Dockerfiles and may rename or write .ralph-report.md). - If you do not want any code executed, restrict the agent from running shell commands or performing PoC verification; treat VERIFIED findings that require PoC as manual actions. - Review report outputs and any file renames before committing them to source control. - Prefer running this skill on non-production or CI snapshots when you want it to perform any potentially disruptive verification steps. If you need stricter guarantees (no execution, no writes), require the skill to operate in read-only mode or provide a configuration that disallows PoC/execution steps.

Type: OpenClaw Skill Name: ralph-quick Version: 3.0.0 The skill instructs the AI agent to execute shell commands (e.g., `git rev-parse --show-toplevel` in SKILL.md) and perform extensive file system operations (reading various project files, writing/renaming `.ralph-report.md`). While these capabilities are plausibly needed for its stated purpose of a security audit, they introduce a significant attack surface. The explicit shell execution and broad file system access, even without clear malicious intent within the skill's own instructions, classify it as 'suspicious' due to the potential for abuse if the OpenClaw agent's execution environment or user input sanitization is vulnerable to injection.