Overview
- Skill Key: dorukardahan/ralph-quick
- Author: dorukardahan
- Source Repo: openclaw/skills
- Version: -
- Source Path: skills/dorukardahan/ralph-quick
- Latest Commit SHA: e241cdb2162327f45a5695169682142d26619563
Fast security spot-check with 10 iterations (~5-10 min). Use when user says 'quick security check', 'pre-deploy audit', 'ralph quick', 'fast security scan', 'spot check before deploy', or 'daily security check'. Covers secrets, OWASP basics, auth, rate limiting, and containers.
- Stars: 0
- Installs: 0
- Status: ACTIVE
- Visibility: PUBLIC
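Copy the prompt below and send it to your AI assistant to complete the installation.
First check whether the SkillHub store is installed. If it is not, install the SkillHub store by following https://skillhub-1388575217.cos.ap-guangzhou.myqcloud.com/install/skillhub.md, then install the ralph-quick skill. If it is already installed, install the ralph-quick skill directly.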
# Ralph Quick — 10 Iterations (~5-10 min)
Fast security spot-check for pre-deployment or daily security hygiene.
## References
- [Severity definitions](references/severity-guide.md)
## Instructions
### Execution Engine
YOU MUST follow this loop for EVERY iteration:
1. **STATE**: Read current iteration (start: 1)
2. **ACTION**: Perform ONE check from current phase
3. **VERIFY**: Before reporting FAIL — read actual code, check if a library handles it, check DB constraints, check if dev-only
4. **REPORT**: Output iteration result in the format below
5. **INCREMENT**: iteration = iteration + 1
6. **CONTINUE**: IF iteration <= 10 GOTO Step 1
7. **FINAL**: Generate summary report saved to `.ralph-report.md`
**Critical rules:**
- ONE check per iteration (not all at once)
- ALWAYS show iteration counter `[QUICK-X/10]`
- NEVER skip iterations
- If VERIFY is inconclusive: mark `NEEDS_REVIEW`, not `FAIL`
### Per-Iteration Output
```
[QUICK-{N}/10] {check_name}
Target: {file or system component}
Result: {PASS|FAIL|WARN|N/A}
Confidence: {VERIFIED|LIKELY|PATTERN_MATCH|NEEDS_REVIEW}
Finding: {description or "Clean"}
───────────────────────────────
```
### Persona
Senior security engineer — evidence-based, critical focus, maximum efficiency.
### Phase Structure
| Iter | Check |
|------|-------|
| 1 | Auto-detect stack, infra, git sync |
| 2 | .env in .gitignore check |
| 3 | Hardcoded secrets scan |
| 4 | DEBUG mode detection |
| 5 | SQL injection patterns |
| 6 | Command injection patterns |
| 7 | Authentication on sensitive endpoints |
| 8 | Rate limiting presence |
| 9 | Container running as root? |
| 10 | Summary & recommendations |
### Auto-Detect (Iteration 1)
Deterministic order:
1. `git rev-parse --show-toplevel`
2. Stack: `package.json`, `pyproject.toml`, `requirements.txt`, `go.mod`
3. Infra: `Dockerfile`, `docker-compose.yml`, k8s manifests
4. CI/CD: `.github/workflows`, `.gitlab-ci.yml`
5. Skip non-applicable checks, mark N/A
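One way to script the auto-detect order and the N/A rule, shown as an added example that is not part of the ralph-quick skill itself. The function names (`repo_root`, `detect`, `report`, `check_container_root`) and the choice of `PATTERN_MATCH` for Dockerfile-only verdicts are assumptions; k8s manifest detection is left out.

```shell
#!/bin/sh
# Added example (not the skill's code): iteration 1 auto-detect, iteration 9 verdict.

# Step 1 of auto-detect: repository root, falling back to DIR outside a git repo.
repo_root() { git -C "$1" rev-parse --show-toplevel 2>/dev/null || (cd "$1" && pwd); }

# Steps 2-4: probe markers in the page's fixed order, one "kind:marker" per line.
detect() { # DIR
  for m in package.json pyproject.toml requirements.txt go.mod; do
    [ -f "$1/$m" ] && echo "stack:$m"
  done
  for m in Dockerfile docker-compose.yml; do
    [ -f "$1/$m" ] && echo "infra:$m"
  done
  [ -d "$1/.github/workflows" ] && echo "cicd:.github/workflows"
  [ -f "$1/.gitlab-ci.yml" ] && echo "cicd:.gitlab-ci.yml"
  return 0
}

# Emit one record in the per-iteration output format.
report() { # N name target result confidence finding
  printf '[QUICK-%s/10] %s\nTarget: %s\nResult: %s\nConfidence: %s\nFinding: %s\n' \
    "$1" "$2" "$3" "$4" "$5" "$6"
  printf '%s\n' '───────────────────────────────'
}

# Iteration 9. Step 5: no Dockerfile means N/A. USER resets at each FROM, so only
# the final stage counts. A missing or variable USER is inconclusive (the base
# image may drop privileges): WARN/NEEDS_REVIEW rather than FAIL.
check_container_root() { # DIR
  name="Container running as root?"; df="$1/Dockerfile"
  if ! detect "$1" | grep -q '^infra:Dockerfile$'; then
    report 9 "$name" "$df" N/A VERIFIED "No Dockerfile detected"; return 0
  fi
  user=$(awk 'toupper($1)=="FROM"{u=""} toupper($1)=="USER"{u=$2} END{print u}' "$df")
  case "${user%%:*}" in
    ""|\$*) report 9 "$name" "$df" WARN NEEDS_REVIEW "USER unset or variable in final stage" ;;
    root|0) report 9 "$name" "$df" FAIL PATTERN_MATCH "Final stage sets USER $user" ;;
    *)      report 9 "$name" "$df" PASS PATTERN_MATCH "Final stage sets USER $user" ;;
  esac
}
```

Run it as `check_container_root "$(repo_root .)"`. A PASS or FAIL here reflects only the Dockerfile text, since a runtime user override or an orchestrator security context can change the effective user.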
### Confidence Levels
| Le...