durugy

Duru Prompt Shield

by Duru · GitHub ↗ · v0.1.3 · MIT-0
cross-platform ⚠ suspicious
Downloads 90
Stars 0
Active Installs 0
Versions 4
Install in OpenClaw
/install prompt-shield-lite
Description
Minimal anti-prompt-injection guardrail for OpenClaw agents. Use when handling untrusted external content (web pages, emails, tool output, documents), before...
Usage Guidance
This skill appears to do what it claims and has no secret-env requirements or remote installers. Before installing or running it:
  1. Inspect and, if needed, customize the rules/regex files under rules/ to fit your environment (to avoid false positives/negatives).
  2. Keep PSL_LOG_PATH and PSL_RL_STATE_PATH at their defaults (skill-local memory/) unless you explicitly want logs/state elsewhere; avoid pointing them at sensitive system files.
  3. Review .env if present and any environment variables you supply; runtime env overrides are supported and can change which files are read/written.
  4. Treat the tool as an advisory guardrail; pair it with human confirmation for irreversible actions.
If you need higher assurance, run the included tests (scripts/test-v2.sh) in a safe sandbox first.
Capability Analysis
Type: OpenClaw Skill
Name: prompt-shield-lite
Version: 0.1.3
The prompt-shield-lite skill is a defensive security tool designed to protect OpenClaw agents from prompt injection and accidental data leakage. It features robust text normalization, multi-format decoding (Base64, URL, HTML), and regex-based scanning for both incoming untrusted content and outgoing sensitive data, including automated redaction of API keys and tokens. The implementation in scripts/psl-core.py and scripts/psl-core.sh is transparent, follows security best practices for guardrails, and contains no evidence of malicious intent or high-risk vulnerabilities.
Capability Tags
crypto, requires-wallet, requires-oauth-token
Capability Assessment
Purpose & Capability
Name/description (anti-prompt-injection guardrail) match the provided scripts and README. The repo contains detectors, pre-action checks, redaction for outbound sends, and log/rate-limit code consistent with the stated purpose.
Instruction Scope
SKILL.md restricts runtime config to a local .env and instructs running local scripts to scan external content and actions. The scripts read stdin / action text and operate on rule files and local log/state files under the skill root by default. This stays within the described guardrail scope, but the code also documents and allows environment variable overrides (e.g., PSL_LOG_PATH, PSL_RL_STATE_PATH) which can change what files are read/written if an operator sets them.
Install Mechanism
No install spec, no network downloads. Scripts are shell/python only and use Python standard library — low install risk.
Credentials
No credentials or secret env variables are required. Config envs are non-sensitive operational parameters (mode, actor id, paths, rate-limit). The skill redacts common token patterns when scanning outbound text.
Persistence & Privilege
Not always-enabled; agent invocation is normal. The skill writes logs and rate-limit state (default under the skill's memory/ path). These paths are configurable via env overrides; if an operator points them to system locations the skill will read/write there. The skill does not modify other skills or global agent settings.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install prompt-shield-lite
  3. After installation, invoke the skill by name or use /prompt-shield-lite
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.1.3
Env-driven config loading via .env (template-only .env.example), runtime path/parameter defaults preserved, and docs cleanup for configuration behavior.
v0.1.2
Address review concerns: move core logic to scripts/psl-core.py (no truncated heredoc), and lock analyze-log.sh to default memory log path unless PSL_ALLOW_ANY_LOG_PATH=1.
v0.1.1
Privacy scrub and portability improvements: removed machine-specific absolute paths and generalized path examples.
v0.1.0
Initial publish: prompt-injection guardrails with pre-action/pre-send checks.
Metadata
Slug prompt-shield-lite
Version 0.1.3
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 4
Frequently Asked Questions

What is Duru Prompt Shield?

Minimal anti-prompt-injection guardrail for OpenClaw agents. Use when handling untrusted external content (web pages, emails, tool output, documents), before... It is an AI Agent Skill for Claude Code / OpenClaw, with 90 downloads so far.

How do I install Duru Prompt Shield?

Run "/install prompt-shield-lite" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Duru Prompt Shield free?

Yes, Duru Prompt Shield is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Duru Prompt Shield support?

Duru Prompt Shield is cross-platform and runs anywhere OpenClaw / Claude Code is available.

Who created Duru Prompt Shield?

It is built and maintained by Duru (@durugy); the current version is v0.1.3.
