
Ralph Security Audit

Comprehensive security audit with 100 iterations (~30-60 min). Use when user says 'security audit', 'ralph security', 'weekly security check', 'audit this pr...


Install for OpenClaw

Quick setup
  1. Download the package from Yavira.
  2. Extract the archive and review SKILL.md first.
  3. Import or place the package into your OpenClaw setup.

Requirements

Target platform
OpenClaw
Install method
Manual import
Extraction
Extract archive
Prerequisites
OpenClaw
Primary doc
SKILL.md

Package facts

Download mode
Yavira redirect
Package format
ZIP package
Source platform
Tencent SkillHub
What's included
SKILL.md, references/severity-guide.md

Validation

  • Use the Yavira download entry.
  • Review SKILL.md after the package is downloaded.
  • Confirm the extracted package contains the expected setup assets.

Install with your agent

Agent handoff

Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.

  1. Download the package from Yavira.
  2. Extract it into a folder your agent can access.
  3. Paste one of the prompts below and point your agent at the extracted folder.

New install

I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete.

Upgrade existing

I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run.

Trust & source

Release facts

Source
Tencent SkillHub
Verification
Indexed source record
Version
3.0.0

Documentation

Primary doc: SKILL.md (16 sections)

Ralph Security: 100 Iterations (~30-60 min)

Comprehensive security audit with balanced depth and duration.

References

Severity definitions and triage guidance

Execution Engine

YOU MUST follow this loop for EVERY iteration:

  1. STATE: Read current iteration (start: 1)
  2. PHASE: Determine phase from iteration number
  3. ACTION: Perform ONE check from current phase
  4. VERIFY: Before reporting FAIL, read the actual code, check if a library handles it (jose, bcrypt, passport, Auth0, etc.), check DB constraints, check environment gating. If inconclusive: NEEDS_REVIEW, not FAIL.
  5. REPORT: Output iteration result
  6. SAVE: Every 10 iterations, update .ralph-report.md
  7. INCREMENT: iteration = iteration + 1
  8. CONTINUE: IF iteration <= 100 GOTO Step 1
  9. FINAL: Generate comprehensive report

Critical rules:
  • ONE check per iteration: deep, not wide
  • ALWAYS show [SEC-X/100]
  • NEVER skip iterations
  • CRITICAL findings: flag for immediate attention

Per-Iteration Output

══════════════════════════════════════════════════════════
[SEC-{N}/100] Phase {P}: {phase_name}
Check: {specific_check}
══════════════════════════════════════════════════════════
Target: {file/endpoint/system}
Result: {PASS|FAIL|WARN|N/A}
Confidence: {VERIFIED|LIKELY|PATTERN_MATCH|NEEDS_REVIEW}
Severity: {CRITICAL|HIGH|MEDIUM|LOW|INFO}
Finding: {description}
Fix: {recommendation or "N/A"}
──────────────────────────────────────────────────────────
Progress: [██████████░░░░░░░░░░] {N}%
──────────────────────────────────────────────────────────

Persona

Senior security engineer. Evidence-based mindset, defense in depth, fail secure, least privilege.

Phase Structure (100 Iterations)

Phase  Iterations  Focus Area
1      1-15        Reconnaissance & Sync
2      16-45       OWASP Top 10 Analysis
3      46-65       Authentication & Secrets
4      66-85       Infrastructure Security
5      86-100      Code Quality & Report
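The loop, phase mapping, VERIFY rule and per-iteration block described above, as an added Python example (not code from the Ralph skill package). The skill only says an inconclusive check is "NEEDS_REVIEW, not FAIL"; reporting such a check as WARN is this example's assumption.

```python
# Added example (not from the Ralph skill package): phase lookup, VERIFY rule,
# checkpoint cadence and the [SEC-N/100] block. FAIL -> WARN on NEEDS_REVIEW is assumed.
TOTAL = 100
CHECKPOINT_EVERY = 10  # SAVE step: update .ralph-report.md every 10 iterations

# Inclusive iteration ranges from the skill's phase table.
PHASES = [
    (1, 15, "Reconnaissance & Sync"),
    (16, 45, "OWASP Top 10 Analysis"),
    (46, 65, "Authentication & Secrets"),
    (66, 85, "Infrastructure Security"),
    (86, 100, "Code Quality & Report"),
]

def phase_for(iteration: int) -> tuple[int, str]:
    """PHASE step: map an iteration number to (phase number, phase name)."""
    for number, (lo, hi, name) in enumerate(PHASES, start=1):
        if lo <= iteration <= hi:
            return number, name
    raise ValueError(f"iteration {iteration} outside 1..{TOTAL}")

def finalize_result(result: str, confidence: str) -> str:
    """VERIFY step: a FAIL needs evidence; an inconclusive check (confidence
    NEEDS_REVIEW) is reported as WARN, never FAIL."""
    if result == "FAIL" and confidence == "NEEDS_REVIEW":
        return "WARN"
    return result

def should_checkpoint(iteration: int) -> bool:
    """SAVE step: checkpoint every 10 iterations and after the last one."""
    return iteration % CHECKPOINT_EVERY == 0 or iteration == TOTAL

def progress_bar(iteration: int, width: int = 20) -> str:
    percent = iteration * 100 // TOTAL
    filled = percent * width // 100
    return "[" + "█" * filled + "░" * (width - filled) + f"] {percent}%"

def render_iteration(iteration, check, target, result, confidence,
                     severity, finding, fix="N/A") -> str:
    """REPORT step: the per-iteration block in the skill's output format."""
    number, name = phase_for(iteration)
    rule, thin = "═" * 58, "─" * 58
    return "\n".join([
        rule, f"[SEC-{iteration}/{TOTAL}] Phase {number}: {name}",
        f"Check: {check}", rule, f"Target: {target}",
        f"Result: {finalize_result(result, confidence)}",
        f"Confidence: {confidence}", f"Severity: {severity}",
        f"Finding: {finding}", f"Fix: {fix}",
        thin, "Progress: " + progress_bar(iteration), thin,
    ])
```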

Phase 1: Reconnaissance (1-15)

Iter  Check
1     Auto-detect stack and infra
2     Git sync: local vs remote
3     Uncommitted sensitive files
4     .env in .gitignore
5     Public endpoints enumeration
6     Authentication requirements mapping
7     Rate limiting coverage
8     Exposed ports (host/container)
9     Hidden services discovery
10    Cron jobs and scheduled tasks
11    Environment variable audit
12    Docker environment check
13    Documentation vs reality
14    Attack surface score
15    Phase 1 summary

Phase 2: OWASP Top 10 (16-45)

Iter   OWASP  Check
16-18  A01    Broken Access Control (IDOR, CORS, path traversal)
19-21  A02    Cryptographic Failures (weak algos, key mgmt, TLS)
22-27  A03    Injection (SQL, Command, XSS, Template, Log)
28-30  A04    Insecure Design (missing controls, business logic)
31-33  A05    Security Misconfiguration (debug, errors, headers)
34-36  A06    Vulnerable Components (dependency audit)
37-39  A07    Auth Failures (credential stuffing, session mgmt)
40-42  A08    Integrity Failures (deserialization, CI/CD)
43-44  A09    Logging Failures (coverage, security)
45     A10    SSRF (URL validation, metadata protection)

Phase 3: Authentication & Secrets (46-65)

Pre-check: Determine if the codebase uses well-known libraries vs custom implementations. Library-handled crypto is generally safe; focus on USAGE errors.

Iter   Check
46-50  Secret detection (API keys, passwords, tokens)
51-55  JWT security (algorithm, claims, storage, revocation)
56-58  OAuth 2.0 (PKCE, redirect URI, state)
59-62  Admin authentication (brute force, timing, lockout)
63-65  Rate limiting analysis (coverage, bypass)

Phase 4: Infrastructure (66-85)

Iter   Check
66-70  Container security (non-root, readonly, limits)
71-75  Network security (ports, firewall, isolation)
76-78  TLS/SSL (cert validity, ciphers, HSTS)
79-81  SSH security (key auth, config hardening)
82-85  Database security (SSL, permissions, access)

Phase 5: Code Quality & Report (86-100)

Pre-check: Check database constraints before flagging race conditions.

Iter   Check
86-88  Race conditions (TOCTOU, concurrent access)
89-91  Business logic flaws (workflow, rate limit bypass)
92-94  Error handling (safe messages, fail-safe)
95-97  Resource management (connections, memory)
98     Critical findings review
99     Security scorecard generation
100    Final report generation

Auto-Detect (Iteration 1)

  • git rev-parse --show-toplevel, git remote -v
  • Stack: package.json, pyproject.toml, requirements.txt, go.mod
  • Infra: Dockerfile, docker-compose.yml, k8s manifests
  • CI/CD: .github/workflows, .gitlab-ci.yml
  • Skip non-applicable checks, mark N/A

Report File

On start: rename existing .ralph-report.md to .ralph-report-{YYYY-MM-DD-HHmm}.md. Auto-save every 10 iterations.

Parameters

Param         Default  Options
--iterations  100      1-200
--focus       all      recon, owasp, secrets, auth, infra, code, all
--phase       all      1-5
--resume      (none)   Continue from checkpoint

Context Limit Protocol

If approaching context limit: checkpoint to report file, output resume command, wait for new session.

When to Use

  • Weekly security check
  • New project onboarding
  • Before major release
  • Standard security audit

Category context

Identity, auth, scanning, governance, audit, and operational guardrails.

Source: Tencent SkillHub

Largest current source with strong distribution and engagement signals.

Package contents

Included in package
2 Docs
  • SKILL.md Primary doc
  • references/severity-guide.md Docs