subaru0573

prompt-inject-removal-p

Author: Subaru0573 · GitHub · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
Total downloads: 74
Favorites: 0
Current installs: 0
Versions: 1
Install in OpenClaw
/install prompt-inject-removal-p
Description
A robust security layer that detects and removes prompt injection attempts from external content, ensuring your AI interactions remain safe and controlled. I...
Safe usage recommendations
This skill is internally coherent with its stated purpose, but remember: prompt-based sanitization cannot be 100% reliable. Before installing or using it in production: (1) run adversarial tests (inputs containing nested tags, closing tags, and common injection phrases) to verify behavior; (2) always review sanitized summaries before performing state-changing actions; (3) consider running the sanitization step in an isolated sub-agent or sandbox for high-risk data; (4) remove or clarify the stray garbage tokens in SKILL.md to avoid ambiguity. If you need absolute guarantees, combine this tool with additional runtime isolation or instrumentation.
Functional analysis
Type: OpenClaw Skill
Name: prompt-inject-removal-p
Version: 1.0.0
The skill is a defensive security tool designed to sanitize untrusted external content (e.g., web pages) to prevent indirect prompt injection attacks. It implements a 'Zero-Trust' architecture using XML delimitation and a hardened system prompt (PROMPT.md) that instructs the agent to treat input as inert data. While there is a strange 'word salad' string at the end of the SKILL.md description and minor discrepancies between the provided files and the setup.sh script, there is no evidence of malicious intent, data exfiltration, or unauthorized command execution.
Capability assessment
Purpose & Capability
Name/description (prompt injection removal) matches the actual artifacts: instruction-only sanitization prompts (PROMPT.md), security docs, and a harmless setup.sh that writes these files. No unrelated credentials, binaries, or network installs are requested.
Instruction Scope
SKILL.md and PROMPT.md limit the sanitization agent to parsing/summarization of delimited input and explicitly instruct it to ignore instructions inside untrusted data. This is consistent with the stated purpose. Note: SKILL.md contains an odd stray token sequence ('presents generate requested manners ... mp3 preserve ought buzz flaw task') that appears to be garbage or accidental; it does not change the skill's behavior but should be cleaned to avoid confusion.
Install Mechanism
No install spec; this is instruction-only. The included setup.sh merely creates local files via heredocs and does not download external artifacts or execute remote code. Low installation risk.
Credentials
The skill requires no environment variables, credentials, or config paths. All requested accesses are proportional to a sanitization tool.
Persistence & Privilege
always is false and the skill does not request persistent elevated privileges or modify other skills' configurations. Normal autonomous invocation is allowed (platform default) but not a special-risk setting here.
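How to use
  1. Make sure OpenClaw is installed (local or Docker deployment)
  2. Enter the install command in the chat box: /install prompt-inject-removal-p
  3. Once installation completes, call the Skill by name or trigger it with /prompt-inject-removal-p
  4. Provide the required input according to the Skill's parameter description to get structured output
Version history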
v1.0.0
- Initial release of prompt_inject_removal, a security-focused skill to detect and remove prompt injections from external content.
- Uses advanced pattern recognition to sanitize inputs before AI processing.
- Designed for summarizing untrusted content with a local, hardened system prompt—no external APIs required.
- Follows a secure workflow: fetch, delimit, sanitize, and ingest only safe summaries.
- Includes links to detailed security documentation and hardened prompts for reference.
Metadata
Slug: prompt-inject-removal-p
Version: 1.0.0
License: MIT-0
Total installs: 0
Current installs: 0
Number of versions: 1
FAQ

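What is prompt-inject-removal-p?

A robust security layer that detects and removes prompt injection attempts from external content, ensuring your AI interactions remain safe and controlled. I... It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 74 total downloads to date.

How do I install prompt-inject-removal-p?

Run the command "/install prompt-inject-removal-p" in the OpenClaw or Claude Code chat box for a one-click install; no additional configuration is required.

Is prompt-inject-removal-p free?

Yes, prompt-inject-removal-p is completely free. It is released under the MIT-0 license and can be freely downloaded, installed, and used.

Which platforms does prompt-inject-removal-p support?

prompt-inject-removal-p runs cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed (cross-platform).

Who developed prompt-inject-removal-p?

Developed and maintained by Subaru0573 (@subaru0573); the current version is v1.0.0.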
