aunicall

Detector of prompt injection

by aunicall · GitHub ↗ · v0.1.2 · MIT-0
cross-platform ✓ Security Clean
Downloads: 149
Stars: 0
Active Installs: 0
Versions: 3
Install in OpenClaw
/install prompt-inspector
Description
Detect prompt injection attacks and adversarial inputs in user text before passing it to your LLM. Use when you need to validate or screen user-provided text...
Usage Guidance
This skill appears to be what it claims: a thin client that sends text to promptinspector.io and returns a verdict. Before installing, verify you trust the Prompt Inspector provider and keep your PMTINSP_API_KEY secret (do not commit it to public repos). Be cautious when using the --base-url option or changing the API endpoint: pointing it to an untrusted server would forward user inputs (possibly sensitive) and the API key to that server. If you need on-premise processing for privacy, prefer a self-hosted instance you control and verify network traffic. Finally, rotate or scope the API key if you plan to use it in production.
Capability Analysis
Type: OpenClaw Skill
Name: prompt-inspector
Version: 0.1.2
The prompt-inspector skill is a legitimate tool designed to interface with the Prompt Inspector API for detecting adversarial inputs. The Python and Node.js scripts (detect.py, detect.js) use standard libraries to send user-provided text to https://promptinspector.io for safety analysis. While the scripts access ~/.openclaw/.env, this behavior is clearly documented and used solely to retrieve the required PMTINSP_API_KEY. No evidence of data exfiltration, malicious execution, or harmful prompt injection instructions was found.
Capability Assessment
Purpose & Capability
Name/description match the implementation: the helper scripts and SKILL.md send user text to an external detection API and require a single API key (PMTINSP_API_KEY). No unrelated credentials, binaries, or config paths are requested.
Instruction Scope
Runtime instructions only describe sending input to the stated API, reading the declared PMTINSP_API_KEY (env var, CLI arg, or ~/.openclaw/.env), and formatting output. The SKILL.md examples include adversarial phrases (e.g., "Ignore all previous instructions") which are example inputs consistent with the product's purpose.
Install Mechanism
No install spec or external downloads. The included scripts use only standard-library modules and do not install third-party packages or fetch arbitrary code at install time.
Credentials
The skill requires only one environment variable (PMTINSP_API_KEY), which is appropriate for a hosted API client. The scripts optionally read ~/.openclaw/.env for that same variable — consistent with SKILL.md. No other secret-like env vars are requested.
Persistence & Privilege
always is false, the skill doesn't request persistent or elevated platform privileges, and it does not modify other skills or system-wide configs. It only reads its own expected config locations.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install prompt-inspector
  3. After installation, invoke the skill by name or use /prompt-inspector
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.1.2
- Refine SKILL
v0.1.1
- Improve the description.
v0.1.0
Initial release of Prompt Inspector, an API service for prompt injection detection.
- Detects prompt injection, jailbreak attempts, and adversarial manipulations in user input.
- Provides a safety verdict, risk score (0–1), and threat categories.
- Supports both single-text and batch detection via CLI scripts (Python and Node.js).
- Returns human-readable or JSON-formatted results.
- Detects 10 distinct threat categories including instruction override, jailbreak, and asset extraction.
- Requires an API key; supports environment variable or .env file configuration.
Metadata
Slug prompt-inspector
Version 0.1.2
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 3
Frequently Asked Questions

What is Detector of prompt injection?

Detect prompt injection attacks and adversarial inputs in user text before passing it to your LLM. Use when you need to validate or screen user-provided text... It is an AI Agent Skill for Claude Code / OpenClaw, with 149 downloads so far.

How do I install Detector of prompt injection?

Run "/install prompt-inspector" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Detector of prompt injection free?

Yes, Detector of prompt injection is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Detector of prompt injection support?

Detector of prompt injection is cross-platform and runs anywhere OpenClaw / Claude Code is available.

Who created Detector of prompt injection?

It is built and maintained by aunicall (@aunicall); the current version is v0.1.2.
