← 返回 Skills 市场
12183
总下载
4
收藏
39
当前安装
1
版本数
在 OpenClaw 中安装
/install prompt-injection-guard
功能描述
Prompt injection defense. Detect and block malicious prompts, protect system instructions, sanitize user input.
安全使用建议
Install this if you want an automatic prompt-injection guard, but expect occasional interruptions or false positives because the trigger keywords are broad. If you use its logging guidance, decide where logs are stored, how long they are kept, and how sensitive prompt fragments are redacted. Confirm the publisher/version metadata if provenance matters for your environment.
功能分析
Type: OpenClaw Skill
Name: prompt-injection-guard
Version: 1.0.0
The OpenClaw AgentSkills skill bundle 'prompt-injection-guard' is designed to protect the AI agent from prompt injection attacks. The `SKILL.md` file contains instructions for the agent to detect and block malicious prompts, sanitize user input, filter sensitive output, and prevent unauthorized actions like credential leakage or unapproved financial transactions. All instructions are defensive in nature, aiming to enhance the agent's security posture. There is no evidence of malicious intent, data exfiltration, unauthorized execution, or any vulnerabilities that could be exploited by this skill itself; rather, it aims to prevent such attacks.
能力评估
Purpose & Capability
The stated purpose matches the artifact content: it defines prompt-injection patterns, context separation, output filtering, and blocking of unsafe requests such as credential leakage or unapproved transfers.
Instruction Scope
The skill auto-triggers on broad words such as prompt, injection, and attack, so it may interrupt ordinary security or AI discussions; this is disclosed and aligned with a guard skill, but could create false positives.
Install Mechanism
The package contains only SKILL.md and _meta.json with no executable scripts or install commands. Metadata shows a publisher/owner ID mismatch between registry context and _meta.json, which is a provenance note rather than malicious behavior.
Credentials
The artifacts request no OS access, credentials, network endpoints, binaries, or environment variables. The only notable data flow is recommended logging of detected patterns and partial inputs.
Persistence & Privilege
The skill suggests logs and alerts for detections but does not define storage location, retention, or access controls. It does not create background workers, privileged persistence, or automatic system changes.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install prompt-injection-guard - 安装完成后,直接呼叫该 Skill 的名称或使用
/prompt-injection-guard触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial version of prompt-injection-guard skill.
- Provides prompt injection detection and defense for AI assistants.
- Detects and blocks malicious prompts and known attack patterns.
- Enforces clear input boundaries and context separation.
- Filters outputs to prevent leakage of passwords, secret keys, and system prompts.
- Includes specialized protections for cryptocurrency and SNS operations.
- Supports multi-level detection logic: warning, confirmation, and blocking.
- Designed for seamless integration and continuous monitoring of threats.
元数据
常见问题
Prompt Injection Guard 是什么?
Prompt injection defense. Detect and block malicious prompts, protect system instructions, sanitize user input. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 12183 次。
如何安装 Prompt Injection Guard?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install prompt-injection-guard」即可一键安装,无需额外配置。
Prompt Injection Guard 是免费的吗?
是的,Prompt Injection Guard 完全免费(开源免费),可自由下载、安装和使用。
Prompt Injection Guard 支持哪些平台?
Prompt Injection Guard 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Prompt Injection Guard?
由 maorun(@maorun)开发并维护,当前版本 v1.0.0。
推荐 Skills