blackworm

PROMPT INJECTION PROTECTION

by blackworm · GitHub ↗ · v1.0.0
cross-platform ✓ Security Clean
905 Downloads · 2 Stars · 0 Active Installs · 1 Versions
Install in OpenClaw
/install prompt-injection-protection
Description
Protects against prompt injection attacks by sanitizing, validating, and securely processing untrusted external content from websites, emails, and documents.
Usage Guidance
This package appears to be a coherent prompt-injection protection library. Before installing or enabling it broadly, consider:
  1. It persists learned patterns to learned-threats.json in the skill directory. Confirm that persistent writes are acceptable in your environment.
  2. Its constructor starts an auto-update interval (a periodic background task). If you want to avoid background timers, disable auto-updates or adjust the update schedule.
  3. Although the demos reference sensitive files and commands, the code only matches patterns; it does not read those files or require credentials.
  4. Review the source files yourself if you need stronger assurance (especially adaptive-learning.js and auto-update.js), and consider disabling learning in high-security contexts.
If you plan to allow autonomous invocation, remember that the skill adapts to the inputs it sees, so run it in a sandboxed agent context and make sure the learned data is acceptable to retain.
Capability Analysis
Type: OpenClaw Skill
Name: prompt-injection-protection
Version: 1.0.0
This OpenClaw skill is designed for prompt injection protection, featuring content sanitization, threat detection, adaptive learning, and auto-updates. All code and documentation consistently describe defensive mechanisms against various attack vectors, including command execution, system file access, and prompt manipulation. The demo files explicitly show malicious inputs being *detected and alerted upon* by the protection system, rather than being executed. There is no evidence of intentional harmful behavior, data exfiltration, unauthorized execution, or prompt injection against the agent itself; instead, the skill aims to prevent these actions.
Capability Assessment
Purpose & Capability
The code implements the described purpose: detection, sanitization, adaptive learning, alerts, and pre-checks for commands and file access. It requests no environment variables, binaries, or unrelated packages that would be inconsistent with a protection library.
Instruction Scope
SKILL.md and the example/demo code focus on sanitizing and detecting prompt injection. Examples intentionally contain injection phrases (expected). The runtime code does not instruct the agent to read arbitrary user files or exfiltrate secrets; it only analyzes content strings and raises alerts.
Install Mechanism
There is no install spec (instruction-only metadata), and the distributed files are plain JS source files. No network downloads or third-party install steps are specified, so installation risk is low.
Credentials
The skill requires no environment variables or credentials. It includes detection rules that mention sensitive filenames/commands (for pattern matching) but does not access external credentials or request unrelated secrets.
Persistence & Privilege
The skill persistently stores learned patterns to learned-threats.json in its directory and starts an auto-update timer (setInterval) in the constructor. This is coherent for an adaptive protection library, but it means the skill writes to disk and will run periodic tasks while instantiated — review whether you accept persistent state and background activity.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install prompt-injection-protection
  3. After installation, invoke the skill by name or use /prompt-injection-protection
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release of the Prompt Injection Protection Skill.
  - Provides comprehensive protection against prompt injection attacks from untrusted sources.
  - Includes content sanitization, validation, and prompt injection detection features.
  - Securely processes web content, emails, documents, and other external inputs.
  - Implements robust security measures such as input sanitization, output encoding, and context isolation.
  - Offers functions for safe extraction and filtering of information to prevent manipulation or unintended actions.
Metadata
Slug prompt-injection-protection
Version 1.0.0
License
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is PROMPT INJECTION PROTECTION?

Protects against prompt injection attacks by sanitizing, validating, and securely processing untrusted external content from websites, emails, and documents. It is an AI Agent Skill for Claude Code / OpenClaw, with 905 downloads so far.

How do I install PROMPT INJECTION PROTECTION?

Run "/install prompt-injection-protection" in the OpenClaw or Claude Code chat to install it in one step. No setup is required beyond having OpenClaw or Claude Code installed.

Is PROMPT INJECTION PROTECTION free?

Yes, PROMPT INJECTION PROTECTION is free to download, install and use. Its source is published on GitHub (see the link above), although the listing's License field is empty, so check the repository for the license terms.

Which platforms does PROMPT INJECTION PROTECTION support?

PROMPT INJECTION PROTECTION is cross-platform: it runs anywhere OpenClaw or Claude Code is available.

Who created PROMPT INJECTION PROTECTION?

It is built and maintained by blackworm (@blackworm); the current version is v1.0.0.
