← 返回 Skills 市场
Prompt Engineering
作者
Ömer Karışman
· GitHub ↗
· v0.1.5
907
总下载
0
收藏
15
当前安装
2
版本数
在 OpenClaw 中安装
/install prompt-engineering
功能描述
Master prompt engineering for AI models: LLMs, image generators, video models. Techniques: chain-of-thought, few-shot, system prompts, negative prompts. Mode...
安全使用建议
This guide is coherent for learning prompt engineering, but exercise caution before following its runtime instructions. Do not run curl | sh blindly — inspect the install script at https://cli.inference.sh first and verify checksums from the claimed checksum URL. Understand that using the shown commands will send whatever you include in prompts to third‑party inference services (inference.sh/openrouter/falai/google), so never include secrets, passwords, private keys, or sensitive data in prompts. If you prefer less risk, consider using a vetted package manager, a self‑hosted/local model, or reading the guide without installing the CLI. If you need to use the CLI, confirm the provider's privacy/security policy and where credentials are stored (local config, environment variables, or remote storage) before logging in.
功能分析
Type: OpenClaw Skill
Name: prompt-engineering
Version: 0.1.5
The skill is classified as suspicious due to the presence of shell commands (`curl | sh` and `npx`) in `SKILL.md` that are outside the explicitly declared `allowed-tools: Bash(infsh *)`. While these commands are presented as user instructions for installation and skill management, they represent a significant prompt injection vulnerability. If an AI agent were to misinterpret these instructions as commands to execute, it could lead to arbitrary code execution from remote sources (cli.inference.sh, npm packages), bypassing the intended tool restrictions. Additionally, the broad `Bash(infsh *)` permission, while aligned with the skill's stated purpose, allows the agent to execute any `infsh` command, which could be abused if the agent is maliciously prompted.
能力评估
Purpose & Capability
The name and description match the SKILL.md: the file is a prompt-engineering guide with examples for LLM, image, and video prompting and demonstrates usage of an external CLI (infsh). There are no unrelated declared requirements (no unexpected cloud creds, etc.).
Instruction Scope
The instructions repeatedly direct the user/agent to install and use the third‑party CLI (infsh) and to call external inference endpoints (openrouter, falai, google/veo, and inference.sh). That means user prompts and any data sent to those commands will be transmitted to third parties — a data‑exfiltration risk if sensitive data is used. The guide also instructs a curl | sh install flow (download-and-execute), which expands the agent's attack surface and should be treated cautiously.
Install Mechanism
Although the skill bundle itself has no install spec, the SKILL.md instructs running a remote installer via curl -fsSL https://cli.inference.sh | sh and downloading binaries from dist.inference.sh. Running a remote script piped to sh is a high-risk pattern; the file claims checksums are available (some mitigation), but the installer source is an external domain not documented in the skill metadata and the skill does not embed the checksum verification steps or show verifying before execution.
Credentials
The registry metadata lists no required environment variables or credentials, yet the guide calls out 'infsh login' and demonstrates invoking third‑party models that will require authentication/keys. This mismatch reduces transparency: users/agents must supply credentials (or interactively login) to use the CLI, but the skill does not declare what secrets will be needed or how they are used/stored.
Persistence & Privilege
The skill itself is instruction-only and not marked 'always'. However, following the guide installs a third‑party CLI binary that persists on disk and can be invoked later. The skill does not request system-wide config changes or modify other skills, but installation is an explicit action with potential long-lived effects.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install prompt-engineering - 安装完成后,直接呼叫该 Skill 的名称或使用
/prompt-engineering触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.1.5
- Added comprehensive SKILL.md guide covering prompt engineering for LLMs, image, and video generation models.
- Included practical examples for chain-of-thought, few-shot, role prompting, output formatting, and advanced techniques.
- Provided structured instructions for effective prompting with Claude, GPT-4, Gemini, FLUX, Veo, and Stable Diffusion.
- Expanded content on negative prompts, system prompts, iterative refinement, and multi-turn reasoning.
- Enhanced documentation with CLI command snippets and model-specific guidance for optimizing AI outputs.
v0.1.0
Initial release of the Prompt Engineering guide.
- Comprehensive best practices for prompt engineering across LLMs, image, and video models.
- Includes structured examples for role, task clarity, chain-of-thought, few-shot, and output formatting.
- Prompt templates for image (FLUX, Stable Diffusion) and video (Veo) generation.
- Advanced techniques: system prompts, structured output, iterative refinement, multi-turn interaction.
- Model-specific tips for Claude, GPT-4, FLUX, and Veo models via inference.sh CLI.
元数据
常见问题
Prompt Engineering 是什么?
Master prompt engineering for AI models: LLMs, image generators, video models. Techniques: chain-of-thought, few-shot, system prompts, negative prompts. Mode... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 907 次。
如何安装 Prompt Engineering?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install prompt-engineering」即可一键安装,无需额外配置。
Prompt Engineering 是免费的吗?
是的,Prompt Engineering 完全免费(开源免费),可自由下载、安装和使用。
Prompt Engineering 支持哪些平台?
Prompt Engineering 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Prompt Engineering?
由 Ömer Karışman(@okaris)开发并维护,当前版本 v0.1.5。
推荐 Skills