skills/jimweller/clanker-skills/ralph-review-deep/Snyk

ralph-review-deep

Fail

Audited by Snyk on Jun 12, 2026

Risk Level: CRITICAL

Full Analysis

CRITICAL E006: Malicious code pattern detected in skill scripts.

Malicious code pattern detected (high risk: 0.90). High-risk: the skill deliberately packages repository contents (including plan/docs and bd outputs) into prompts sent to third‑party LLMs and instructs those LLMs to execute tool calls (bash) locally — creating clear avenues for data exfiltration and remote code execution if the LLMs or opencode tool integration are misused or compromised.

Issues (1)

E006

CRITICAL

Malicious code pattern detected in skill scripts.

Audit Metadata

Risk Level

CRITICAL

Analyzed

Jun 12, 2026, 10:21 PM

Issues

1

Security Audit — snyk — ralph-review-deep