mirni

Promptguard

Author: mirni · GitHub · v0.1.1 · MIT-0
cross-platform ✓ Security check passed
Total downloads: 140
Favorites: 0
Current installs: 0
Versions: 2
Install in OpenClaw
/install promptguard
Description
Detect prompt injection attacks in text. Returns risk score and detected patterns.
Safe usage recommendations
This skill appears to be a straightforward, local prompt-injection scanner. Before installing: (1) confirm how your platform implements the install 'uv' step (ensure it installs from trusted PyPI sources); (2) don't expose the server publicly without authentication because the provided service accepts arbitrary text and has no auth built in; (3) keep dependencies up to date and run in an isolated environment if you are concerned about supply-chain risk; (4) test with representative inputs to validate detection coverage and false positives/negatives for your use case.
Functional analysis
Type: OpenClaw Skill
Name: promptguard
Version: 0.1.1
The 'promptguard' skill is a legitimate security utility designed to detect prompt injection patterns using regex-based heuristics. The codebase (FastAPI, Pydantic, and regex detectors in promptguard/detectors.py) is transparent, lacks any suspicious network or file system activity, and contains no evidence of malicious intent or prompt injection attacks against the AI agent.
Capability assessment
Purpose & Capability
Name/description, required binaries (python), declared Python packages, and the included source code all match a simple local prompt-injection detector. Nothing in the files indicates unrelated capabilities (cloud access, system configuration, or secrets handling).
Instruction Scope
SKILL.md instructs to install FastAPI/uvicorn/pydantic, run uvicorn to start the server, and POST text to /v1/scan. The code implements exactly that endpoint and only inspects the provided text; it does not read files, environment variables, or external endpoints.
Install Mechanism
The declared packages are standard PyPI packages (fastapi, uvicorn, pydantic), which is appropriate. The install 'kind' is listed as 'uv' in metadata (unusual/ambiguous), but the SKILL.md shows pip instructions and the code is pure Python — this looks low risk but you may want to confirm how your platform's installer resolves 'uv'.
Credentials
No environment variables, credentials, or config paths are requested. The skill does not attempt to access unrelated secrets or system config.
Persistence & Privilege
The metadata flag 'always' is false, and the skill does not try to modify other skills or system-wide settings. It runs as a local HTTP service and requires explicit startup; it does not persist elevated privileges.
How to use
  1. Make sure OpenClaw is installed (local or Docker deployment)
  2. Enter the install command in the chat box: /install promptguard
  3. After installation, call the skill by name directly or trigger it with /promptguard
  4. Provide the required input according to the skill's parameter description to get structured output
Version history
v0.1.1
- Added metadata for installation requirements and dependencies.
- Documented required Python packages and installation steps.
- Updated usage instructions for running the API server and making requests.
- Improved clarity and structure of setup and usage guidance.
v0.1.0
Initial release of promptguard — detect prompt injection attacks in text.
- Scans input text for common prompt injection patterns.
- Returns a risk score (0.0-1.0) and a list of detected attack patterns.
- Supports detection of instruction overrides, HTML comment injection, zero-width characters, delimiter attacks, role switching, and system prompt extraction.
- Available as a hosted API and as a standalone FastAPI app.
- Simple JSON input/output structure for easy integration.
Metadata
Slug: promptguard
Version: 0.1.1
License: MIT-0
Cumulative installs: 0
Current installs: 0
Number of versions: 2
FAQ

What is Promptguard?

Detect prompt injection attacks in text. Returns risk score and detected patterns. It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 140 downloads to date.

How do I install Promptguard?

Run the command "/install promptguard" in the OpenClaw or Claude Code chat box to install it in one step; no extra configuration is required.

Is Promptguard free?

Yes, Promptguard is completely free, released under the MIT-0 license, and can be freely downloaded, installed and used.

Which platforms does Promptguard support?

Promptguard runs cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed.

Who developed Promptguard?

Developed and maintained by mirni (@mirni); current version v0.1.1.
