{ "schemaVersion": "1.0", "item": { "slug": "wreckit-ralph", "name": "wreckit-ralph", "source": "tencent", "type": "skill", "category": "AI 智能", "sourceUrl": "https://clawhub.ai/christiancattaneo/wreckit-ralph", "canonicalUrl": "https://clawhub.ai/christiancattaneo/wreckit-ralph", "targetPlatform": "OpenClaw" }, "install": { "downloadMode": "redirect", "downloadUrl": "/downloads/wreckit-ralph", "sourceDownloadUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=wreckit-ralph", "sourcePlatform": "tencent", "targetPlatform": "OpenClaw", "installMethod": "Manual import", "extraction": "Extract archive", "prerequisites": [ "OpenClaw" ], "packageFormat": "ZIP package", "includedAssets": [ "GAMEPLAN.md", "SKILL.md", "TODO.md", "assets/dashboard/index.html", "assets/dashboard/server.mjs", "references/gates/behavior-capture.md" ], "primaryDoc": "SKILL.md", "quickSetup": [ "Download the package from Yavira.", "Extract the archive and review SKILL.md first.", "Import or place the package into your OpenClaw setup." ], "agentAssist": { "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.", "steps": [ "Download the package from Yavira.", "Extract it into a folder your agent can access.", "Paste one of the prompts below and point your agent at the extracted folder." ], "prompts": [ { "label": "New install", "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete." }, { "label": "Upgrade existing", "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run." } ] }, "sourceHealth": { "source": "tencent", "status": "healthy", "reason": "direct_download_ok", "recommendedAction": "download", "checkedAt": "2026-04-30T16:55:25.780Z", "expiresAt": "2026-05-07T16:55:25.780Z", "httpStatus": 200, "finalUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=network", "contentType": "application/zip", "probeMethod": "head", "details": { "probeUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=network", "contentDisposition": "attachment; filename=\"network-1.0.0.zip\"", "redirectLocation": null, "bodySnippet": null }, "scope": "source", "summary": "Source download looks usable.", "detail": "Yavira can redirect you to the upstream package for this source.", "primaryActionLabel": "Download for OpenClaw", "primaryActionHref": "/downloads/wreckit-ralph" }, "validation": { "installChecklist": [ "Use the Yavira download entry.", "Review SKILL.md after the package is downloaded.", "Confirm the extracted package contains the expected setup assets." ], "postInstallChecks": [ "Confirm the extracted package includes the expected docs or setup files.", "Validate the skill or prompts are available in your target agent workspace.", "Capture any manual follow-up steps the agent could not complete." ] }, "downloadPageUrl": "https://openagent3.xyz/downloads/wreckit-ralph", "agentPageUrl": "https://openagent3.xyz/skills/wreckit-ralph/agent", "manifestUrl": "https://openagent3.xyz/skills/wreckit-ralph/agent.json", "briefUrl": "https://openagent3.xyz/skills/wreckit-ralph/agent.md" }, "agentAssist": { "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.", "steps": [ "Download the package from Yavira.", "Extract it into a folder your agent can access.", "Paste one of the prompts below and point your agent at the extracted folder." ], "prompts": [ { "label": "New install", "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete." }, { "label": "Upgrade existing", "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run." } ] }, "documentation": { "source": "clawhub", "primaryDoc": "SKILL.md", "sections": [ { "title": "Reckit — Bulletproof AI Code Verification", "body": "Build it. Break it. Prove it works." }, { "title": "Philosophy", "body": "AI can't verify itself. Structure the pipeline so it can't silently agree with itself.\nSeparate Builder/Tester/Breaker roles across fresh contexts. Use independent oracles.\n\nFull 14-step framework: references/verification-framework.md" }, { "title": "Modes", "body": "Auto-detected from context:\n\nModeTriggerDescription🟢 BUILDEmpty repo + PRDFull pipeline for greenfield🟡 REBUILDExisting code + migration specBUILD + behavior capture + replay🔴 FIXExisting code + bug reportFix, verify, check regressions🔵 AUDITExisting code, no changesVerify and report only" }, { "title": "Gates", "body": "Read the gate file before executing it. Each contains: question, checks, pass/fail criteria.\n\nGateBUILDREBUILDFIXAUDITFileAI Slop Scan✅✅✅✅references/gates/slop-scan.mdType Check✅✅✅✅references/gates/type-check.mdRalph Loop✅✅✅❌references/gates/ralph-loop.mdTest Quality✅✅✅✅references/gates/test-quality.mdMutation Kill✅✅✅✅references/gates/mutation-kill.mdCross-Verify✅❌❌❌references/gates/cross-verify.mdBehavior Capture❌✅❌❌references/gates/behavior-capture.mdRegression❌✅✅❌references/gates/regression.mdSAST❌❌✅✅references/gates/sast.mdLLM-as-Judgeoptoptoptoptreferences/gates/llm-judge.mdDesign Review❌❌❌✅references/gates/design-review.mdCI Integration✅✅❌✅references/gates/ci-integration.mdProof Bundle✅✅✅✅references/gates/proof-bundle.md" }, { "title": "Scripts", "body": "Deterministic helpers — run these, don't rewrite them:\n\nCore (all modes):\n\nscripts/project-type.sh [path] — classify project context + calibration profile (skip_gates, thresholds, tolerated warns)\nscripts/detect-stack.sh [path] — auto-detect language, framework, test runner → JSON\nscripts/check-deps.sh [path] — verify all deps exist in registries (hallucination check)\nscripts/slop-scan.sh [path] — semantic slop scan (tracked vs untracked debt, categorized output) → JSON\nscripts/type-check.sh [path] — run type checker (tsc/mypy/cargo/go vet) → JSON\nscripts/ralph-loop.sh [path] — validate IMPLEMENTATION_PLAN.md structure → JSON\nscripts/coverage-stats.sh [path] — extract raw coverage numbers from test runner\nscripts/mutation-test.sh [path] [test-cmd] — mutation testing (mutmut/cargo-mutants/Stryker/AI)\nscripts/mutation-test-stryker.sh [path] — Stryker-specific mutation testing → JSON\nscripts/red-team.sh [path] — SAST + 20+ vulnerability patterns → JSON\nscripts/regex-complexity.sh [path] [--context library|app] — targeted ReDoS analysis → JSON\nscripts/proof-bundle.sh [path] [mode] — corroboration-based aggregation + proof bundle writer\nscripts/run-all-gates.sh [path] [mode] [--log-file] — sequential gate runner with telemetry + adaptive skipping/tolerance\n\nMode-specific:\n\nscripts/behavior-capture.sh [path] — capture golden fixtures before rebuild (REBUILD)\nscripts/design-review.sh [path] — dep graph, coupling, circular deps (AUDIT/REBUILD) → JSON\nscripts/ci-integration.sh [path] — CI config detection and scoring → JSON\nscripts/differential-test.sh [path] — oracle comparison, golden tests (BUILD/REBUILD) → JSON\n\nExtended verification:\n\nscripts/dynamic-analysis.sh [path] — memory leaks, race conditions, FD leaks → JSON\nscripts/perf-benchmark.sh [path] — benchmark detection + regression vs baseline → JSON\nscripts/property-test.sh [path] — property-based/fuzz testing, generates stubs → JSON\n\nBootstrap:\n\nscripts/run-audit.sh [path] [mode] [--spawn] — generate orchestrator task + optional spawn" }, { "title": "Swarm Architecture", "body": "For multi-gate parallel execution, read references/swarm/orchestrator.md.\n\nQuick overview:\n\nMain agent → wreckit orchestrator (depth 1)\n ├─ Planning: Architect worker\n ├─ Building: Sequential Implementer workers\n ├─ Verification: Parallel gate workers\n ├─ Sequential: Cross-verify / regression / judge\n └─ Decision: Proof bundle → Ship / Caution / Blocked\n\nCritical: Read references/swarm/collect.md before spawning workers.\nNever fabricate results. Wait for all workers to report back.\nWorker output format: references/swarm/handoff.md.\n\nConfig required:\n\n{ \"agents.defaults.subagents\": { \"maxSpawnDepth\": 2, \"maxChildrenPerAgent\": 8 } }" }, { "title": "Decision Framework", "body": "VerdictCriteriaShip ✅No hard blocks; no corroborated multi-domain fail evidence above block thresholdCaution ⚠️Single non-hard fail, warning-only risk, or corroboration below block thresholdBlocked 🚫Any hard block OR corroborated non-hard failure pattern (multi-signal, multi-domain, high-confidence)\n\nHard-block + corroboration rule details: references/gates/corroboration.md" }, { "title": "Supported Languages & Stacks", "body": "LanguageGates AvailableNotesTypeScript/JS11/11Full support via Stryker, tsc, vitest/jestPython11/11Full support via mutmut, mypy/pyright, pytestRust11/11Full support via cargo-mutants, cargo check/testGo11/11Full support via go vet, go testSwift (SPM)9/11mutation = AI-estimated CAUTION, cross-verify = manualSwift (Xcode)7/11type-check = xcodebuild, mutation = AI-estimated, coverage = limitediOS apps7/11Same as Xcode projectsJava/Kotlin10/11Gradle/Maven, mutation via PIT (manual setup)Shell8/11shellcheck, limited mutation testing" }, { "title": "Swift Notes", "body": "Mutation testing requires manual verification — no automated mutation testing tool exists for Swift as of 2026. The mutation gate uses AI-estimated analysis (counts mutation surface, compares to test count) and always outputs CAUTION, never SHIP.\nSPM projects get high-confidence type checking via swift build (the compiler IS the type checker).\nXcode projects get medium-confidence type checking via xcodebuild with auto-detected schemes.\nDependency checking lists SPM dependencies but notes that no automated CVE database exists for Swift packages — manual review is always recommended.\nCocoaPods projects: pod outdated is checked if Podfile present.\nBuild systems detected: SPM, xcodebuild, CocoaPods, Carthage, mixed." }, { "title": "Running an Audit (Single-Agent, No Swarm)", "body": "For small projects or when swarm isn't needed, run gates sequentially:\n\nscripts/detect-stack.sh → know your target (language, test cmd, type checker)\nscripts/check-deps.sh → verify deps are real (not hallucinated)\nscripts/slop-scan.sh → find placeholders, template artifacts, empty stubs\nRun type checker (from detect-stack output) → references/gates/type-check.md\nRun tests + scripts/coverage-stats.sh → references/gates/test-quality.md\nscripts/mutation-test.sh → references/gates/mutation-kill.md (uses mutmut/cargo-mutants/Stryker if available)\nscripts/red-team.sh → references/gates/sast.md (20+ vulnerability patterns, JSON report)\nscripts/design-review.sh → references/gates/design-review.md (dep graph, circular deps, god modules)\nscripts/ci-integration.sh → references/gates/ci-integration.md (CI config detection + scoring)\nscripts/dynamic-analysis.sh → references/gates/dynamic-analysis.md (memory leaks, race conditions)\nscripts/perf-benchmark.sh → references/gates/performance.md (benchmark detection + regression)\nscripts/property-test.sh → references/gates/property-based.md (fuzzing, invariant checks)\nscripts/differential-test.sh → references/gates/differential.md (oracle comparison, metamorphic tests)\necho '[...gate-results-json...]' | scripts/proof-bundle.sh [path] [mode] → writes .wreckit/proof.json, dashboard.json, decision.md" }, { "title": "Quick Start", "body": "\"Use wreckit to audit [project]. Don't change anything.\"\n\"Use wreckit to build [project] from this PRD.\"\n\"Use wreckit to fix [bug]. Prove nothing else breaks.\"\n\"Use wreckit to rebuild [project] in [framework].\"" }, { "title": "Dashboard", "body": "assets/dashboard/ contains a local web dashboard for viewing proof bundles across repos.\nRun: node assets/dashboard/server.mjs (port 3939). Reads .wreckit/dashboard.json from projects." }, { "title": "Codex CLI Notes (2026-02-22)", "body": "When using Codex CLI to build/run projects:\n\n--full-auto sandbox blocks npm install network access (ENOTFOUND registry.npmjs.org)\nFix: use --dangerously-bypass-approvals-and-sandbox flag instead\nAuth: echo \"$OPENAI_API_KEY\" | codex login --with-api-key stores credentials to ~/.codex/auth.json\nConfig: ~/.codex/config.toml with model = \"gpt-5.2-codex\" and [shell_environment_policy] inherit = \"all\"\ngpt-5.3-codex is Copilot/VS Code only — not available via direct API. Use gpt-5.2-codex." } ], "body": "Reckit — Bulletproof AI Code Verification\n\nBuild it. Break it. Prove it works.\n\nPhilosophy\n\nAI can't verify itself. Structure the pipeline so it can't silently agree with itself. Separate Builder/Tester/Breaker roles across fresh contexts. Use independent oracles.\n\nFull 14-step framework: references/verification-framework.md\n\nModes\n\nAuto-detected from context:\n\nMode\tTrigger\tDescription\n🟢 BUILD\tEmpty repo + PRD\tFull pipeline for greenfield\n🟡 REBUILD\tExisting code + migration spec\tBUILD + behavior capture + replay\n🔴 FIX\tExisting code + bug report\tFix, verify, check regressions\n🔵 AUDIT\tExisting code, no changes\tVerify and report only\nGates\n\nRead the gate file before executing it. Each contains: question, checks, pass/fail criteria.\n\nGate\tBUILD\tREBUILD\tFIX\tAUDIT\tFile\nAI Slop Scan\t✅\t✅\t✅\t✅\treferences/gates/slop-scan.md\nType Check\t✅\t✅\t✅\t✅\treferences/gates/type-check.md\nRalph Loop\t✅\t✅\t✅\t❌\treferences/gates/ralph-loop.md\nTest Quality\t✅\t✅\t✅\t✅\treferences/gates/test-quality.md\nMutation Kill\t✅\t✅\t✅\t✅\treferences/gates/mutation-kill.md\nCross-Verify\t✅\t❌\t❌\t❌\treferences/gates/cross-verify.md\nBehavior Capture\t❌\t✅\t❌\t❌\treferences/gates/behavior-capture.md\nRegression\t❌\t✅\t✅\t❌\treferences/gates/regression.md\nSAST\t❌\t❌\t✅\t✅\treferences/gates/sast.md\nLLM-as-Judge\topt\topt\topt\topt\treferences/gates/llm-judge.md\nDesign Review\t❌\t❌\t❌\t✅\treferences/gates/design-review.md\nCI Integration\t✅\t✅\t❌\t✅\treferences/gates/ci-integration.md\nProof Bundle\t✅\t✅\t✅\t✅\treferences/gates/proof-bundle.md\nScripts\n\nDeterministic helpers — run these, don't rewrite them:\n\nCore (all modes):\n\nscripts/project-type.sh [path] — classify project context + calibration profile (skip_gates, thresholds, tolerated warns)\nscripts/detect-stack.sh [path] — auto-detect language, framework, test runner → JSON\nscripts/check-deps.sh [path] — verify all deps exist in registries (hallucination check)\nscripts/slop-scan.sh [path] — semantic slop scan (tracked vs untracked debt, categorized output) → JSON\nscripts/type-check.sh [path] — run type checker (tsc/mypy/cargo/go vet) → JSON\nscripts/ralph-loop.sh [path] — validate IMPLEMENTATION_PLAN.md structure → JSON\nscripts/coverage-stats.sh [path] — extract raw coverage numbers from test runner\nscripts/mutation-test.sh [path] [test-cmd] — mutation testing (mutmut/cargo-mutants/Stryker/AI)\nscripts/mutation-test-stryker.sh [path] — Stryker-specific mutation testing → JSON\nscripts/red-team.sh [path] — SAST + 20+ vulnerability patterns → JSON\nscripts/regex-complexity.sh [path] [--context library|app] — targeted ReDoS analysis → JSON\nscripts/proof-bundle.sh [path] [mode] — corroboration-based aggregation + proof bundle writer\nscripts/run-all-gates.sh [path] [mode] [--log-file] — sequential gate runner with telemetry + adaptive skipping/tolerance\n\nMode-specific:\n\nscripts/behavior-capture.sh [path] — capture golden fixtures before rebuild (REBUILD)\nscripts/design-review.sh [path] — dep graph, coupling, circular deps (AUDIT/REBUILD) → JSON\nscripts/ci-integration.sh [path] — CI config detection and scoring → JSON\nscripts/differential-test.sh [path] — oracle comparison, golden tests (BUILD/REBUILD) → JSON\n\nExtended verification:\n\nscripts/dynamic-analysis.sh [path] — memory leaks, race conditions, FD leaks → JSON\nscripts/perf-benchmark.sh [path] — benchmark detection + regression vs baseline → JSON\nscripts/property-test.sh [path] — property-based/fuzz testing, generates stubs → JSON\n\nBootstrap:\n\nscripts/run-audit.sh [path] [mode] [--spawn] — generate orchestrator task + optional spawn\nSwarm Architecture\n\nFor multi-gate parallel execution, read references/swarm/orchestrator.md.\n\nQuick overview:\n\nMain agent → wreckit orchestrator (depth 1)\n ├─ Planning: Architect worker\n ├─ Building: Sequential Implementer workers\n ├─ Verification: Parallel gate workers\n ├─ Sequential: Cross-verify / regression / judge\n └─ Decision: Proof bundle → Ship / Caution / Blocked\n\n\nCritical: Read references/swarm/collect.md before spawning workers. Never fabricate results. Wait for all workers to report back. Worker output format: references/swarm/handoff.md.\n\nConfig required:\n\n{ \"agents.defaults.subagents\": { \"maxSpawnDepth\": 2, \"maxChildrenPerAgent\": 8 } }\n\nDecision Framework\nVerdict\tCriteria\nShip ✅\tNo hard blocks; no corroborated multi-domain fail evidence above block threshold\nCaution ⚠️\tSingle non-hard fail, warning-only risk, or corroboration below block threshold\nBlocked 🚫\tAny hard block OR corroborated non-hard failure pattern (multi-signal, multi-domain, high-confidence)\n\nHard-block + corroboration rule details: references/gates/corroboration.md\n\nSupported Languages & Stacks\nLanguage\tGates Available\tNotes\nTypeScript/JS\t11/11\tFull support via Stryker, tsc, vitest/jest\nPython\t11/11\tFull support via mutmut, mypy/pyright, pytest\nRust\t11/11\tFull support via cargo-mutants, cargo check/test\nGo\t11/11\tFull support via go vet, go test\nSwift (SPM)\t9/11\tmutation = AI-estimated CAUTION, cross-verify = manual\nSwift (Xcode)\t7/11\ttype-check = xcodebuild, mutation = AI-estimated, coverage = limited\niOS apps\t7/11\tSame as Xcode projects\nJava/Kotlin\t10/11\tGradle/Maven, mutation via PIT (manual setup)\nShell\t8/11\tshellcheck, limited mutation testing\nSwift Notes\nMutation testing requires manual verification — no automated mutation testing tool exists for Swift as of 2026. The mutation gate uses AI-estimated analysis (counts mutation surface, compares to test count) and always outputs CAUTION, never SHIP.\nSPM projects get high-confidence type checking via swift build (the compiler IS the type checker).\nXcode projects get medium-confidence type checking via xcodebuild with auto-detected schemes.\nDependency checking lists SPM dependencies but notes that no automated CVE database exists for Swift packages — manual review is always recommended.\nCocoaPods projects: pod outdated is checked if Podfile present.\nBuild systems detected: SPM, xcodebuild, CocoaPods, Carthage, mixed.\nRunning an Audit (Single-Agent, No Swarm)\n\nFor small projects or when swarm isn't needed, run gates sequentially:\n\nscripts/detect-stack.sh → know your target (language, test cmd, type checker)\nscripts/check-deps.sh → verify deps are real (not hallucinated)\nscripts/slop-scan.sh → find placeholders, template artifacts, empty stubs\nRun type checker (from detect-stack output) → references/gates/type-check.md\nRun tests + scripts/coverage-stats.sh → references/gates/test-quality.md\nscripts/mutation-test.sh → references/gates/mutation-kill.md (uses mutmut/cargo-mutants/Stryker if available)\nscripts/red-team.sh → references/gates/sast.md (20+ vulnerability patterns, JSON report)\nscripts/design-review.sh → references/gates/design-review.md (dep graph, circular deps, god modules)\nscripts/ci-integration.sh → references/gates/ci-integration.md (CI config detection + scoring)\nscripts/dynamic-analysis.sh → references/gates/dynamic-analysis.md (memory leaks, race conditions)\nscripts/perf-benchmark.sh → references/gates/performance.md (benchmark detection + regression)\nscripts/property-test.sh → references/gates/property-based.md (fuzzing, invariant checks)\nscripts/differential-test.sh → references/gates/differential.md (oracle comparison, metamorphic tests)\necho '[...gate-results-json...]' | scripts/proof-bundle.sh [path] [mode] → writes .wreckit/proof.json, dashboard.json, decision.md\nQuick Start\n\"Use wreckit to audit [project]. Don't change anything.\"\n\"Use wreckit to build [project] from this PRD.\"\n\"Use wreckit to fix [bug]. Prove nothing else breaks.\"\n\"Use wreckit to rebuild [project] in [framework].\"\n\nDashboard\n\nassets/dashboard/ contains a local web dashboard for viewing proof bundles across repos. Run: node assets/dashboard/server.mjs (port 3939). Reads .wreckit/dashboard.json from projects.\n\nCodex CLI Notes (2026-02-22)\n\nWhen using Codex CLI to build/run projects:\n\n--full-auto sandbox blocks npm install network access (ENOTFOUND registry.npmjs.org)\nFix: use --dangerously-bypass-approvals-and-sandbox flag instead\nAuth: echo \"$OPENAI_API_KEY\" | codex login --with-api-key stores credentials to ~/.codex/auth.json\nConfig: ~/.codex/config.toml with model = \"gpt-5.2-codex\" and [shell_environment_policy] inherit = \"all\"\ngpt-5.3-codex is Copilot/VS Code only — not available via direct API. Use gpt-5.2-codex." }, "trust": { "sourceLabel": "tencent", "provenanceUrl": "https://clawhub.ai/christiancattaneo/wreckit-ralph", "publisherUrl": "https://clawhub.ai/christiancattaneo/wreckit-ralph", "owner": "christiancattaneo", "version": "2.4.0", "license": null, "verificationStatus": "Indexed source record" }, "links": { "detailUrl": "https://openagent3.xyz/skills/wreckit-ralph", "downloadUrl": "https://openagent3.xyz/downloads/wreckit-ralph", "agentUrl": "https://openagent3.xyz/skills/wreckit-ralph/agent", "manifestUrl": "https://openagent3.xyz/skills/wreckit-ralph/agent.json", "briefUrl": "https://openagent3.xyz/skills/wreckit-ralph/agent.md" } }