aunicall

Detector of prompt injection

Author: aunicall · GitHub · v0.1.2 · MIT-0
cross-platform ✓ Security check passed
149
Total downloads
0
Favorites
0
Current installs
3
Versions
Install in OpenClaw
/install prompt-inspector
Description
Detect prompt injection attacks and adversarial inputs in user text before passing it to your LLM. Use when you need to validate or screen user-provided text...
Security usage recommendations
This skill appears to be what it claims: a thin client that sends text to promptinspector.io and returns a verdict. Before installing, verify you trust the Prompt Inspector provider and keep your PMTINSP_API_KEY secret (do not commit it to public repos). Be cautious when using the --base-url option or changing the API endpoint: pointing it to an untrusted server would forward user inputs (possibly sensitive) and the API key to that server. If you need on-premise processing for privacy, prefer a self-hosted instance you control and verify network traffic. Finally, rotate or scope the API key if you plan to use it in production.
Functional analysis
Type: OpenClaw Skill
Name: prompt-inspector
Version: 0.1.2
The prompt-inspector skill is a legitimate tool designed to interface with the Prompt Inspector API for detecting adversarial inputs. The Python and Node.js scripts (detect.py, detect.js) use standard libraries to send user-provided text to https://promptinspector.io for safety analysis. While the scripts access ~/.openclaw/.env, this behavior is clearly documented and used solely to retrieve the required PMTINSP_API_KEY. No evidence of data exfiltration, malicious execution, or harmful prompt injection instructions was found.
Capability assessment
Purpose & Capability
Name/description match the implementation: the helper scripts and SKILL.md send user text to an external detection API and require a single API key (PMTINSP_API_KEY). No unrelated credentials, binaries, or config paths are requested.
Instruction Scope
Runtime instructions only describe sending input to the stated API, reading the declared PMTINSP_API_KEY (env var, CLI arg, or ~/.openclaw/.env), and formatting output. The SKILL.md examples include adversarial phrases (e.g., "Ignore all previous instructions") which are example inputs consistent with the product's purpose.
Install Mechanism
No install spec or external downloads. The included scripts use only standard-library modules and do not install third-party packages or fetch arbitrary code at install time.
Credentials
The skill requires only one environment variable (PMTINSP_API_KEY), which is appropriate for a hosted API client. The scripts optionally read ~/.openclaw/.env for that same variable — consistent with SKILL.md. No other secret-like env vars are requested.
Persistence & Privilege
always is false, the skill doesn't request persistent or elevated platform privileges, and it does not modify other skills or system-wide configs. It only reads its own expected config locations.
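How to use
  1. Make sure OpenClaw is installed (local or Docker deployment)
  2. Enter the install command in the chat box: /install prompt-inspector
  3. Once installation completes, call the Skill by name or trigger it with /prompt-inspector
  4. Provide the required input according to the Skill's parameter description to get structured output
Version history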
v0.1.2
- Refine SKILL
v0.1.1
- Improve the description.
v0.1.0
Initial release of Prompt Inspector, an API service for prompt injection detection.
- Detects prompt injection, jailbreak attempts, and adversarial manipulations in user input.
- Provides a safety verdict, risk score (0–1), and threat categories.
- Supports both single-text and batch detection via CLI scripts (Python and Node.js).
- Returns human-readable or JSON-formatted results.
- Detects 10 distinct threat categories including instruction override, jailbreak, and asset extraction.
- Requires an API key; supports environment variable or .env file configuration.
Metadata
Slug prompt-inspector
Version 0.1.2
License MIT-0
Total installs 0
Current installs 0
Historical versions 3
Frequently asked questions

What is Detector of prompt injection?

Detect prompt injection attacks and adversarial inputs in user text before passing it to your LLM. Use when you need to validate or screen user-provided text... It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 149 total downloads to date.

How do I install Detector of prompt injection?

Run the command "/install prompt-inspector" in the OpenClaw or Claude Code chat box to install it in one step; no additional configuration is required.

Is Detector of prompt injection free?

Yes, Detector of prompt injection is completely free and is released under the MIT-0 license; it can be freely downloaded, installed, and used.

Which platforms does Detector of prompt injection support?

Detector of prompt injection runs cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed (cross-platform).

Who developed Detector of prompt injection?

Developed and maintained by aunicall (@aunicall); the current version is v0.1.2.
