ralph-convert-prd

Transforms Product Requirements Documents into structured prd.json format for Ralph, ensuring clear user stories and verification commands.

Install this skill

50/100

Security score

The ralph-convert-prd skill was audited on Jun 13, 2026 and we found 10 security issues across 2 threat categories, including 2 high-severity. Review the findings below before installing.

Categories Tested

Security Issues

high line 80

Curl to non-GitHub URL

SourceSKILL.md

80	\| `backend` \| Run tests + curl endpoint with real data \| `curl -s http://localhost:3000/api/...` \|

high line 83

Curl to non-GitHub URL

SourceSKILL.md

83	\| `infra` \| Health check, config validation, service startup \| `curl -s http://localhost:3000/health` \|

medium line 115

Curl to non-GitHub URL

SourceSKILL.md

115	{ "command": "curl -s http://localhost:3000/api/tasks \| jq length", "expect": "not_empty" }

medium line 237

Curl to non-GitHub URL

SourceSKILL.md

237	{ "command": "curl -s -o /dev/null -w '%{http_code}' http://localhost:3000/api/tasks", "expect": "contains:200" },

medium line 238

Curl to non-GitHub URL

SourceSKILL.md

238	{ "command": "curl -s -X POST http://localhost:3000/api/tasks -H 'Content-Type: application/json' -d '{\"title\":\"test task\"}' -o /dev/null -w '%{http_code}'", "expect": "contains:201" }

low line 80

External URL reference

SourceSKILL.md

80	\| `backend` \| Run tests + curl endpoint with real data \| `curl -s http://localhost:3000/api/...` \|

low line 83

External URL reference

SourceSKILL.md

83	\| `infra` \| Health check, config validation, service startup \| `curl -s http://localhost:3000/health` \|

low line 115

External URL reference

SourceSKILL.md

115	{ "command": "curl -s http://localhost:3000/api/tasks \| jq length", "expect": "not_empty" }

low line 237

External URL reference

SourceSKILL.md

237	{ "command": "curl -s -o /dev/null -w '%{http_code}' http://localhost:3000/api/tasks", "expect": "contains:200" },

low line 238

External URL reference

SourceSKILL.md

238	{ "command": "curl -s -X POST http://localhost:3000/api/tasks -H 'Content-Type: application/json' -d '{\"title\":\"test task\"}' -o /dev/null -w '%{http_code}'", "expect": "contains:201" }

Scanned on Jun 13, 2026

View Security Dashboard

Installation guide →

GitHub Stars 17

Rate this skill

Categoryproduct

UpdatedJune 15, 2026

claude-code api backend product-manager growth-pm business-development product sales

cfircoo/claude-code-toolkit