ralphmode
Configure Claude Code, Codex CLI, and Gemini CLI for reduced-approval Ralph automation while enforcing project boundaries and secret denylists.
- Provides two preset permission profiles: repo-scoped (default, safer) and sandbox (full bypass for disposable environments only)
- Implements dynamic safety checkpoints via platform-specific hooks that block Tier 1 dangerous operations (rm -rf, git reset --hard, .env access, sudo) at execution time
- Supports Claude Code, Codex CLI, and Gemini CLI with auto-detection of git root and fallback inline configuration
- Includes explicit deny rules for secrets and destructive commands alongside allow-listed automation patterns (npm, git, pytest, file operations)
Ralphmode
Ralphmode is a cross-platform permission profile for long-running ralph or jeo workflows.
It reduces approval friction, but it is not "allow everything everywhere."
The core rule is simple: widen automation only inside a bounded project or disposable sandbox, and keep secrets plus destructive commands explicitly blocked.
0. Agent Execution Protocol (execute immediately upon ralphmode keyword detection)
The following steps are commands, not descriptions. Execute them in order immediately when
ralphmodeis invoked. Do not skip steps.
STEP 0: Detect mode from user's message
Parse the user's invocation:
- If the user says "sandbox", "yolo", "bypass all", "skip all", "disposable" →
MODE=sandbox - Otherwise →
MODE=repo(default, safer)
STEP 1: Run the setup script
More from supercent-io/skills-template
security-best-practices
Implement security best practices for web applications and infrastructure. Use when securing APIs, preventing common vulnerabilities, or implementing security policies. Handles HTTPS, CORS, XSS, SQL Injection, CSRF, rate limiting, and OWASP Top 10.
14.1Kdata-analysis
Analyze datasets to extract insights, identify patterns, and generate reports. Use when exploring data, creating visualizations, or performing statistical analysis. Handles CSV, JSON, SQL queries, and Python pandas operations.
13.8Kweb-accessibility
Implement web accessibility (a11y) standards following WCAG 2.1 guidelines. Use when building accessible UIs, fixing accessibility issues, or ensuring compliance with disability standards. Handles ARIA attributes, keyboard navigation, screen readers, semantic HTML, and accessibility testing.
12.7Kworkflow-automation
Automate repetitive development tasks and workflows. Use when creating build scripts, automating deployments, or setting up development workflows. Handles npm scripts, Makefile, GitHub Actions workflows, and task automation.
12.6Kcode-review
Conduct thorough, constructive code reviews for quality and security. Use when reviewing pull requests, checking code quality, identifying bugs, or auditing security. Handles best practices, SOLID principles, security vulnerabilities, performance analysis, and testing coverage.
12.5Kdatabase-schema-design
Design and optimize database schemas for SQL and NoSQL databases. Use when creating new databases, designing tables, defining relationships, indexing strategies, or database migrations. Handles PostgreSQL, MySQL, MongoDB, normalization, and performance optimization.
12.2K