AI-Warden — Prompt Injection Protection

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed setup guide for an OpenClaw security plugin, with ordinary but meaningful local configuration changes.

Install only if you trust the AI-Warden publisher and want a persistent OpenClaw plugin that can change agent security behavior. Verify the npm package name, version, repository, and checksum before enabling it; keep the config backup; prefer the environment-variable API key option; and review AI-Warden's data-handling terms before using online detection.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence: 84%

Finding
The trigger phrases include broad terms such as "security plugin" and "protect my agent," which can cause this skill to activate for unrelated security tasks. That increases the chance the agent will apply installation and configuration steps in the wrong context, potentially modifying a user's OpenClaw setup when they only asked for general security guidance.

VirusTotal

66/66 vendors flagged this skill as clean.