durugy

Duru Prompt Shield

Author: Duru · GitHub · v0.1.3 · MIT-0
cross-platform ⚠ suspicious
Total downloads: 90
Favorites: 0
Current installs: 0
Versions: 4
Install in OpenClaw
/install prompt-shield-lite
Description
Minimal anti-prompt-injection guardrail for OpenClaw agents. Use when handling untrusted external content (web pages, emails, tool output, documents), before...
Security usage recommendations
This skill appears to do what it claims and has no secret-env requirements or remote installers. Before installing or running it: (1) Inspect and, if needed, customize the rules/regex files under rules/ to fit your environment (to avoid false positives/negatives). (2) Keep PSL_LOG_PATH and PSL_RL_STATE_PATH at their defaults (skill-local memory/) unless you explicitly want logs/state elsewhere — avoid pointing them at sensitive system files. (3) Review .env if present and any environment variables you supply; runtime env overrides are supported and can change which files are read/written. (4) Treat the tool as an advisory guardrail — pair it with human confirmation for irreversible actions. If you need higher assurance, run the included tests (scripts/test-v2.sh) in a safe sandbox first.
Functional analysis
Type: OpenClaw Skill
Name: prompt-shield-lite
Version: 0.1.3
The prompt-shield-lite skill is a defensive security tool designed to protect OpenClaw agents from prompt injection and accidental data leakage. It features robust text normalization, multi-format decoding (Base64, URL, HTML), and regex-based scanning for both incoming untrusted content and outgoing sensitive data, including automated redaction of API keys and tokens. The implementation in scripts/psl-core.py and scripts/psl-core.sh is transparent, follows security best practices for guardrails, and contains no evidence of malicious intent or high-risk vulnerabilities.
Capability tags
crypto · requires-wallet · requires-oauth-token
Capability assessment
Purpose & Capability
Name/description (anti-prompt-injection guardrail) match the provided scripts and README. The repo contains detectors, pre-action checks, redaction for outbound sends, and log/rate-limit code consistent with the stated purpose.
Instruction Scope
SKILL.md restricts runtime config to a local .env and instructs running local scripts to scan external content and actions. The scripts read stdin / action text and operate on rule files and local log/state files under the skill root by default. This stays within the described guardrail scope, but the code also documents and allows environment variable overrides (e.g., PSL_LOG_PATH, PSL_RL_STATE_PATH) which can change what files are read/written if an operator sets them.
Install Mechanism
No install spec, no network downloads. Scripts are shell/python only and use Python standard library — low install risk.
Credentials
No credentials or secret env variables are required. Config envs are non-sensitive operational parameters (mode, actor id, paths, rate-limit). The skill redacts common token patterns when scanning outbound text.
Persistence & Privilege
Not always-enabled; agent invocation is normal. The skill writes logs and rate-limit state (default under the skill's memory/ path). These paths are configurable via env overrides; if an operator points them to system locations the skill will read/write there. The skill does not modify other skills or global agent settings.
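How to use
  1. Make sure OpenClaw is installed (locally or via Docker)
  2. Enter the install command in the chat box: /install prompt-shield-lite
  3. Once installation completes, invoke the Skill by name or trigger it with /prompt-shield-lite
  4. Provide the required inputs according to the Skill's parameter description to get structured output
Version history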
v0.1.3
Env-driven config loading via .env (template-only .env.example), runtime path/parameter defaults preserved, and docs cleanup for configuration behavior.
v0.1.2
Address review concerns: move core logic to scripts/psl-core.py (no truncated heredoc), and lock analyze-log.sh to default memory log path unless PSL_ALLOW_ANY_LOG_PATH=1.
v0.1.1
Privacy scrub and portability improvements: removed machine-specific absolute paths and generalized path examples.
v0.1.0
Initial publish: prompt-injection guardrails with pre-action/pre-send checks.
Metadata
Slug: prompt-shield-lite
Version: 0.1.3
License: MIT-0
Total installs: 0
Current installs: 0
Historical versions: 4
FAQ

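What is Duru Prompt Shield?

Minimal anti-prompt-injection guardrail for OpenClaw agents. Use when handling untrusted external content (web pages, emails, tool output, documents), before... It is an AI Agent Skill plugin for Claude Code / OpenClaw and has been downloaded 90 times in total so far.

How do I install Duru Prompt Shield?

Run the command "/install prompt-shield-lite" in the OpenClaw or Claude Code chat box for a one-step install; no additional configuration is required.

Is Duru Prompt Shield free?

Yes. Duru Prompt Shield is completely free and released under the MIT-0 license; it can be freely downloaded, installed and used.

Which platforms does Duru Prompt Shield support?

Duru Prompt Shield runs cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed (cross-platform).

Who developed Duru Prompt Shield?

Developed and maintained by Duru (@durugy); the current version is v0.1.3.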
